Multi-factor Authentication is an authentication method that requires users to provide two or more forms of verification to gain access to an application or a digital resource. This adds an extra layer of security beyond a username and password that makes it harder for anyone without authorization to access the application. MFA set up for Borealis is two-factor and it's easy to use it to access the application.
Set up MFA for your organization
Ask your Customer Success Advisor to set up this service or contact us at firstname.lastname@example.org. The Advisor will liaise with our Technical team to enable MFA.
Enable the MFA for your users
1. Once MFA has been enabled in Borealis, the user first has to download and install a TOTP (Time-Based, One-Time Password) application (such as Google Authenticator or Microsoft Authenticator) on their phone. You may refer to your organization to take the most appropriate TOTP application.
2. When the user log into the system for the first time, the page is redirected to the MFA enrollment page which displays a QR code as seen below. The user should use the TOTP application and scan the QR code displayed.
3. The TOTP application will generate a one-time, 6-digit password specific to the user profile, automatically renewed every 30 seconds. This one-time password will be used for the second level authentication.
4. To complete the enrollment, the user needs to enter the one-time password displayed on his/her phone on the Borealis authentication page.
Connect on a daily basis to Borealis
Once the user has been registered for MFA and has authenticated their account in Borealis, he will be directed to the following page. He will need to enter a one-time password generated by the TOTP application each time they log in.
Revoking the MFA from a user profile
To revoke the MFA token (authenticator application), the Superuser must simply access the user profile, click on the “Actions” button, and select "Revoke MFA Token" as shown below: