Introduction
In this article, you will learn how to require members of a specific program to set up their Multi-factor Authentication (MFA) login method to use the site. These steps can be done by the Client Admin, in the Administration Portal (Reward Manager).
Considerations
It is important to consider whether you have a significant employee population without access to smartphones or a computer, as they will not be able to use MFA.
Ensure you are familiar with the impact to the user journey, as once MFA is enabled. The user will need access to an authenticator app (either on a smartphone or desktop), each time they want to access the RG website. See the section on the Help Center for a full list of these guides: Multi-factor Authentication.
Setup
1. Log into Reward Manager
2. Select the Security option:
Note: If you can't see the Security option, you may not have permission to edit security settings. Contact Client Support if you would like to obtain permissions.
3. Select Login Challenges:
4. Under Enforce Multi-Factor Authentication? you can turn on MFA by ticking the box called; If selected, members will be required to set up their Multi-Factor Authentication:
Note: Enabling this option will require the programme's members to have MFA enabled on their accounts. To have fine-grained control of which members need to use MFA, you can place them in a Segment.
Segments are configured within the Segment Manager. For more information, see Creating Segments with Segment Manager.
5. In the Custom message for users textbox, you can enter a message that you want your employees to see, when they reach the MFA sign up page.
This can give your employees better clarity on the reasoning behind enforcing them to use MFA.
Changes to the Login User Journey
Once MFA is enforced, members who have not set up their MFA will be asked to do so, as soon as they log in. Members who have previously set it up will be unaffected.
Keep in mind that turning this option on will take effect immediately on all members. This might interrupt some of the members’ actions on the website - their next selection or action on the site will bring them to the MFA setup page, if they haven't set up MFA yet.
Disabling the option will not affect any MFA methods already set up by members, it will only remove the requirement for setting it up to use the website.
MFA Availability
MFA options of SMS and authenticator apps, (like Authy) are both available via Reward Manager, SmartHub, the SmartSpending app and the Connect+ app.