Skip to main content

Search

Knowledge Center

Updating Your User Preferences: Multi-Factor Authentication

Purpose Statement

Multi-Factor Authentication (MFA) adds an essential security layer to your First Due account by requiring a second form of verification beyond your username and password. This feature significantly reduces the risk of unauthorized access to sensitive emergency services data and ensures compliance with cybersecurity best practices for public safety organizations.

Background Information

MFA is a critical security measure that protects First Due accounts from unauthorized access, particularly important for emergency services organizations handling sensitive patient data, incident reports, and operational information. The system uses time-based one-time passwords (TOTP) generated by authenticator applications on your mobile device. This process is required for all users and takes only a few minutes to set up initially.

Required Permissions

Your Administration must turn on the requirement for Multi-Factor Authentication.  

The only permission needed is: User Preferences - Update

Video

 

Step-by-Step Guide

 

Step 1: Access Your User Preferences

  1. Click the First Due logo, then select your name and settings

  1. Select Multi-Factor Authentication from the menu
     

 

Step 2: Initiate MFA Setup

  1. Click the Set up MFA button to begin the configuration process
     
  1. The system will display a setup screen with two authentication options
     

Step 3: Configure Your Authenticator App

Choose one of the following methods to connect your authenticator app:

Option A: QR Code Method (Recommended)

  1. Open your preferred authenticator app (Google Authenticator, Microsoft Authenticator, Authy, etc.)
  2. Use the app's camera to scan the QR code displayed on screen
  3. The app will automatically add your First Due account

Option B: Manual Entry Method

  1. Open your authenticator app and select "Add Account Manually"
  2. Click the eye icon next to the manual entry code to reveal the characters
  3. Enter the displayed code into your authenticator app
  4. Add "First Due" as the account name for easy identification

Step 4: Complete Setup Verification

  1. Click Next to proceed to the verification step
  2. Open your authenticator app and locate the 6-digit code for First Due
  3. Enter the current code in the verification field
  4. Click Verify to complete the setup process
     

Step 5: Confirm Successful Setup

  1. If setup is successful, you'll see a confirmation message
  2. Your MFA is now active and will be required for all future logins
     

Best Practices

Authenticator App Selection:

  • Use reputable authenticator apps like Google Authenticator, Microsoft Authenticator, or Authy
  • Consider using an app that offers cloud backup features for account recovery

Security Recommendations:

  • Complete MFA setup immediately when prompted by your organization
  • Keep your mobile device secure with a screen lock
  • Don't screenshot or share QR codes or manual entry codes
  • Test your MFA login process after initial setup

Account Management:

  • Set up MFA on a device you regularly carry
  • Inform your IT administrator if you need to reset MFA due to device loss
  • Consider having a backup authenticator app on a secondary device

Troubleshooting & FAQs

Q: What if the QR code won't scan? 

A: Use the manual entry method instead. Click the eye icon to reveal the code and enter it manually into your authenticator app.

Q: The verification code isn't working. What should I do? 

A: Ensure your device's time is synchronized correctly. Time-based codes are sensitive to clock differences. If issues persist, restart the setup process.

Q: What happens if I lose my phone with the authenticator app? 

A: Contact your system administrator immediately. They can reset your MFA settings so you can set up authentication on a new device.

Q: Can I use SMS for MFA instead of an authenticator app? 

A: First Due uses authenticator apps for enhanced security. SMS-based authentication is not supported.

Q: How often will I need to enter MFA codes? 

A: You'll need to enter an MFA code each time you log into First Due, or when your session expires for security reasons.

Q: Can I disable MFA once it's set up? 

A: MFA requirements are typically set by your organization's security policy. Contact your administrator if you need to modify MFA settings.