Updating Your User Preferences: Multi-Factor Authentication

Updating Your User Preferences: Multi-Factor Authentication

Purpose Statement

Multi-Factor Authentication (MFA) adds an essential security layer to your First Due account by requiring a second form of verification beyond your username and password. This feature significantly reduces the risk of unauthorized access to sensitive emergency services data and ensures compliance with cybersecurity best practices for public safety organizations.

Background Information

MFA is a critical security measure that protects First Due accounts from unauthorized access, particularly important for emergency services organizations handling sensitive patient data, incident reports, and operational information. The system uses time-based one-time passwords (TOTP) generated by authenticator applications on your mobile device. This process is required for all users and takes only a few minutes to set up initially.

Required Permissions

Your Administration must turn on the requirement for Multi-Factor Authentication. 

The only permission needed is: User Preferences - Update

Video


Step-by-Step Guide

Step 1: Access Your User Preferences

  1. Click your name in the upper right-hand corner of the First Due interface



  1. Select Multi-Factor Authentication from the menu


Step 2: Initiate MFA Setup

  1. Click the Set up MFA button to begin the configuration process



  1. The system will display a setup screen with two authentication options



Step 3: Configure Your Authenticator App

Choose one of the following methods to connect your authenticator app:

Option A: QR Code Method (Recommended)

  1. Open your preferred authenticator app (Google Authenticator, Microsoft Authenticator, Authy, etc.)
  2. Use the app's camera to scan the QR code displayed on screen
  3. The app will automatically add your First Due account

Option B: Manual Entry Method

  1. Open your authenticator app and select "Add Account Manually"
  2. Click the eye icon next to the manual entry code to reveal the characters
  3. Enter the displayed code into your authenticator app
  4. Add "First Due" as the account name for easy identification

Step 4: Complete Setup Verification

  1. Click Next to proceed to the verification step
  2. Open your authenticator app and locate the 6-digit code for First Due
  3. Enter the current code in the verification field
  4. Click Verify to complete the setup process



Step 5: Confirm Successful Setup

  1. If setup is successful, you'll see a confirmation message
  2. Your MFA is now active and will be required for all future logins



Best Practices

Authenticator App Selection:

  • Use reputable authenticator apps like Google Authenticator, Microsoft Authenticator, or Authy
  • Consider using an app that offers cloud backup features for account recovery

Security Recommendations:

  • Complete MFA setup immediately when prompted by your organization
  • Keep your mobile device secure with a screen lock
  • Don't screenshot or share QR codes or manual entry codes
  • Test your MFA login process after initial setup

Account Management:

  • Set up MFA on a device you regularly carry
  • Inform your IT administrator if you need to reset MFA due to device loss
  • Consider having a backup authenticator app on a secondary device

Troubleshooting & FAQs

Q: What if the QR code won't scan? A: Use the manual entry method instead. Click the eye icon to reveal the code and enter it manually into your authenticator app.

Q: The verification code isn't working. What should I do? A: Ensure your device's time is synchronized correctly. Time-based codes are sensitive to clock differences. If issues persist, restart the setup process.

Q: What happens if I lose my phone with the authenticator app? A: Contact your system administrator immediately. They can reset your MFA settings so you can set up authentication on a new device.

Q: Can I use SMS for MFA instead of an authenticator app? A: First Due uses authenticator apps for enhanced security. SMS-based authentication is not supported.

Q: How often will I need to enter MFA codes? A: You'll need to enter an MFA code each time you log into First Due, or when your session expires for security reasons.

Q: Can I disable MFA once it's set up? A: MFA requirements are typically set by your organization's security policy. Contact your administrator if you need to modify MFA settings.


    • Related Articles

    • Updating Your User Preferences: User Token

      Purpose Statement The API token feature allows users to generate secure authentication tokens for accessing First Due's Application Programming Interface (API). These tokens enable automated data exchange and integration between First Due and ...

    • Creating or Updating a Role: Configuration

      Purpose Statement Roles and Permissions allow administrators to create and manage custom user roles within First Due. This feature enables departments to define specific access levels, security requirements, and operational permissions tailored to ...

    • Updating Your User Preferences: Notifications

      Purpose Statement User notification preferences allow personnel to customize how they receive important communications from the First Due platform, including push notifications, dispatch messages, family SMS alerts, and messaging options. This ...

    • Updating your User Profile: Reference Images

      Purpose Statement The Time Clock Reference Images feature enables personnel to capture and maintain photo verification for time clock entries in the First Due system. This feature ensures accurate identity verification for clock-in/clock-out ...

    • Updating Your User Preferences: My Personnel Record

      Purpose Statement The My Personnel Record feature provides Fire/EMS personnel with a comprehensive, centralized view of their personal employment information within the First Due platform. This feature allows users to access and review their complete ...