Use this link to share with your colleagues:
Using Multi-Factor Authentication (MFA): https://help.pm.leapevent.tech/a/1992972
When logging into your PatronManager account, you'll need to use multi-factor authentication (MFA) to verify your login. This ensures that your data and account is secure! This article shares essential information about MFA and how to set it up for your user.
What is MFA?
Multi-Factor Authentication adds another layer of security to your login process by requiring users to enter two or more pieces of evidence — or factors — to prove they’re who they say they are. One factor is something the user knows, such as their username and password. Other factors are verification methods that the user has in their possession, such as an authenticator app on their phone. A familiar example of MFA at work is the two factors needed to withdraw money from an ATM. Your ATM card is something that you have and your PIN is something you know.
By tying user access to multiple, different types of authentication factors, it’s much harder for a bad actor to access your PatronManager account. For example, even if a user’s password is stolen, the odds are very low that an attacker will also be able to guess or hack a code from the user’s authentication app.
What are my options for MFA?
MFA typically uses a special app that you install on your phone or a physical security key that you place into your device. That means you'll need to have your phone or security key with you every time you log in to PatronManager.
Some organizations may use other methods, like a password manager (e.g., LastPass or 1Password) or your device's biometric recognition (e.g., Apple Touch ID or Windows Hello). These other options may require additional setup steps from Salesforce, which we've linked to above.
Even if you choose to use a password manager or physical security key, we recommend setting up an authenticator app on your phone as well as a backup!
In general, we recommend that each user set up 2 different MFA methods.
How to connect an authenticator
1. Go to log into PatronManager
This may be from an invitation to log in for the first time, or it may be after logging in by entering your Username and Password.
2. You'll see a prompt like this
3. Download the app you wish to use on your phone, if you haven't already
For Android, find your app in the Google Play Store; for iOS, find it in the App Store. Download either the Salesforce Authenticator app, or the third-party app your organization has approved. If you're not sure which app to use, talk to your manager.
4. Connect your primary authentication method
The steps will vary depending on the method you chose.
Even if a physical security key or password will be your primary authentication method, we recommend setting it up after setting up a different method.
If you're using Salesforce Authenticator, the system will walk you through entering a unique two-word phrase from your phone onto your computer to connect the app. Everything will be done via on-screen prompts!
To use another third-party app like Google Authenticator or Authy, click "Choose another verification method"
Then select "Use verification codes from an authenticator app" and click Continue
Follow the on-screen instructions to connect the app to your PatronManager login
The system will walk you through scanning the code that appears on the screen in the app, which will connect the app to your login once you scan and click Connect.
If you're not able to scan the code, you can click "I Can't Scan the QR Code", which will give you a string of text you can type into the app instead.
5. Enable physical security keys for your users (optional)
If you plan to let your organization use physical security keys, like Yubikey or Google Titan key, for MFA then you'll need to enable that for everyone with steps 4.1-4.3.
6. Enable password managers for your users (optional)
If you plan to let your organization use password managers, like LastPass or 1Password, for MFA, then you'll need to enable it with the steps here.
7. Enable biometric recognition for your users (optional)
If you plan to let your organization use biometric recognition built into their devices, like Touch ID or Windows Hello, you'll need to enable it with these steps.
8. Connect your secondary authentication method
The steps will vary depending on the method you chose.
If you're using Salesforce Authenticator, the next time you go to log in, the system will walk you through entering a unique two-word phrase from your phone onto your computer to connect the app. Everything will be done via on-screen prompts!
To use another third-party app like Google Authenticator or Authy, the next time you log in and are prompted to verify your login, click "Having Trouble?"
Then click "Use a Different Verification Method"
Click "Use a Different Verification Method" again
Then select "Use verification codes from an authenticator app" and click Continue
Follow the on-screen instructions to connect the app to your PatronManager login
The system will walk you through scanning the code that appears on the screen in the app, which will connect the app to your login once you scan and click Connect.
If you're not able to scan the code, you can click "I Can't Scan the QR Code", which will give you a string of text you can type into the app instead.
To link a biometric recognition method, while logged in follow the steps here.
To link a physical security key, while logged in follow the steps here.
To link a password manager, whil logged in follow the steps here.
What if I forget my phone, lose my phone, or get a new phone?
No need to worry! We've got some steps for you right here.