Multi-factor authentication ( MFA) allows you to secure your Leavetrack account by requiring you to have:
- Something you know - your password
- Something you have - your mobile device
With MFA, you sign into your account using your username/email and password and then have to enter a one-time passcode ( OTP) generated by an app on your device. Authy and Google Authenticator are two popular apps for generating OTPs. Please read this article fully to understand the implications of enabling MFA.
You can watch this two-minute video on setting up MFA.
To setup MFA, go to View My Profile > Edit. In the Security & Access section you will see a link to setup MFA.
Using your authenticator app, scan the QR Code shown on screen. This will generate a 6 digit code which you should then enter into the box. Clicking "Complete Setup" will turn on MFA for your account.
Completing setup will present you with ten recovery codes. If you lose access to your device, you can use a recovery code to regain access to your account.
Consequences of enabling MFA
If you lose your device or do not have access to it, you will not be able to access your Leavetrack account unless you use a recovery code.
Similarly, if you change your mobile phone, you need to disable MFA on your account and re-enable it using your new device before you dispose of your old device. If you change devices and are not logged into Leavetrack, you will not be able to login to set up your new device.
We take security very seriously and believe the benefits of MFA outweigh the downsides. We encourage you to use a password management application to store passwords and recovery codes.