CosmoLex provides two options for two-factor authentication.
- One-time passcode via SMS
- Microsoft Authenticator
Enabling Microsoft Authenticator will prompt Admin users to sync their account with the Authenticator app and add verification code from the app. Multi-factor authentication (MFA) or two-factor authentication (2FA) is a great way to add an extra layer of protection to account logins.
Enable For Firm:
-
- When logged in as an admin user, go to the Setup area. From the left navigation panel, click Security.
- Beside the Two-Factor Authentication, turn the toggle button ON.
3. System will open a window, prompting you to select a Two-Factor Authentication Method.
4. By default One-Time Passcode via SMS displays in the drop-down menu. Select Microsoft Authenticator and click SAVE.
Instructions will then display for the Admin user to enable their Microsoft Authenticator App. This step is required to ensure that the admin can access their account going forward.
Enable for Admin User
The Microsoft Authentication – Activation window will open with three steps to complete the verification process.
- Install the Microsoft Authentication Application
- If already installed, search for ‘Authenticator’ app on your device, otherwise download from your app store (Apple, Google Play) by searching ‘Microsoft Authenticator’.
- Configure the Application
- In the Authenticator App, click the 3 dots at the top right and choose to add account.
- Choose ‘Other Account’.
- Scan the QR code. This will insert the account name and secret key automatically. If you cannot scan the QR code, enter the secret key manually and account name (e.g. CosmoLex) into your Authenticator app.
- You will now see that account added in your Authenticator App.
- Enter your password and code
- In the Authenticator App, select this newly added account to see your verification code (note: this code refreshes every 30 seconds).
- In the activation window, enter your CosmoLex Password and the Authenticator verification code.
- Click ENABLE.
Your Microsoft Authentication is now turned on at the firm level and for this admin user.
Enable for Other Users
Once enabled for the firm, the next time other users log in, they will be notified that Microsoft Authenticator has been enabled by the firm, and prompted with set up instructions.
Each user must complete the same three steps in order to log in.
- Install the Microsoft Authentication Application
- If already installed, search for ‘Authenticator’ app on your device, otherwise download from your app store (Apple, Google Play) by searching ‘Microsoft Authenticator’.
- Configure the Application
- In the Authenticator App, click the 3 dots at the top right and choose to add account.
- Choose ‘Other Account’.
- Scan the QR code. This will insert the account name and secret key automatically. If you cannot scan the QR code, enter the secret key manually and account name (e.g. CosmoLex) into your Authenticator app.
- You will now see that account added in your Authenticator App.
- Enter verification code
- In the Authenticator App, select this newly added account to see your verification code (note: this code refreshes every 30 seconds).
- In the activation window, enter the verification code.
- Click ENABLE.
Microsoft Authentication is now enabled for this user.
Any user can verify what two-factor authentication methods are enabled, by going to Setup > My Settings > Security
Logging in with Microsoft Authenticator
-
Once enabled, the next time a user logs into CosmoLex, the Two-Step Verification window will open with the instructions Please enter verification code from Microsoft Authenticator mobile application.
-
Enter the verification code and you will have access to your account. If you don’t want to repeat this step every time, check the box beside Remember this computer for 30 days.