Multi-factor Authentification (MFA)

As an extra layer of security, MFA may be enabled on a SmartyGrants Account. This can be enabled by an administrator for all users in an account, or by an individual user for their user account only. When MFA is enabled, an authenticator mobile app (such as Google Authenticator or Authy) will be required each time they log in. By default, MFA is set to ‘Optional for everyone’. With the default setting enabled, individual users will be able to configure MFA for their own accounts.

Warning

If MFA is set to required for all users for one instance, users who have access to multiple instances will be required to set up MFA to access all their instances.

Enable MFA for all users

Administrators can configure the SmartyGrants account to require MFA be used for all users who have been added to the account. To enable MFA for all users:

  1. Select the Settings icon.

Untitled 8.png

  1. Select MFA Setup.

Untitled 9.png

  1. Select Required for everyone.

Untitled 10.png

Enable MFA for a single user

  1. Navigate to the My Account page.

  2. Select Enable Multi-Factor Authentification.

Untitled 11.png

Users can only enable MFA on their individual user account if the Account level MFA Setup setting is set to 'Optional for everyone'.

When MFA is enabled, either for an individual user or all users, when the user next attempts to login at https://manage.smartygrants.com.au/ they will be presented with the following screen:

Untitled 12.png

Once initial activation is complete, users will be presented with the following screen upon every login:

Untitled 13.png

SmartyFile

Users who are a member of a SmartyFile Organisation with MFA enabled who are required to use MFA when logging in to their ‘manage’ account will be automatically use the existing authenticator app configured on the SmartyFile account.

Single Sign On (SSO)

If you access SmartyGrants via your organisation’s Single Sign On protocols (for example, an SSO login URL similar to https://manage.smartygrants.com.au/login/sso?domain=ssoexample.com), SmartyGrants MFA is not available. However, MFA may still be in place via your organisation’s SSO implementation

Reset a User’s MFA

A user may require the MFA to be reset, for example if thay have lost the device their authenticator application was installed on. To reset the MFA for a user’s account and Administrator can:

  1. Select the Settings icon.

image-20240823-021821.png

  1. Select User Access.

Screenshot 2024-08-23 121919.png

  1. Select the User’s name.

Screenshot 2024-08-23 123007.png

  1. Select Reset MFA.

Screenshot 2024-08-23 123238.png

  1. Confirm the MFA reset by selecting Confirm.

Screenshot 2024-08-23 123436.png

Search