All users of the UM Foundation Report Manager are now required to use Multi-factor Authentication (MFA).

Multi-factor authentication is an authentication method which requires at least two factors of authentication to login. This is usually in the form of a password and a one-time code that is delivered via text or through an app on a mobile phone. This greatly reduces the risk of a third party compromising an account, because not only is a password required, but also access to the mobile device of the user.

The Foundation supports both the mobile app and SMS text methods for multi-factor authentication. The most secure method is to use a mobile app. However, the SMS text/phone method is the easiest to set up. The next time logging in, setting up one of these methods will be required.

Below are steps to set up MFA with the SMS text/phone method. Users who use the mobile app method will achieve greater security, but the set up process requires installing a mobile app on your phone and scanning a QR code for initial configuration. For brevity, only the SMS text/phone method is described below.

Step 1

Click next on the “More information required” card

Step 2

Select which multi-factor method to use.

To use text message method, select the “I want to set up a different method” option at the bottom of the card.

Step 3 (If You Choose “I want to set up a different method”)

Select “Phone” for the method drop down and click Confirm.

Step 4

Enter your phone number and click “Next”. 

Step 5

After receiving the text, enter the one-time 6-digit code and click Next.

Continue clicking Next until you reach the Done button.

If you are prompted to “Stay signed in?”, select Yes if you don’t want to be prompted to sign in again.

All Done!

In the future, an MFA one-time pass code may be required before accessing a report if your identity can not be determined.

For more information about multi-factor authentication, click here.

For more information on why mobile apps are more secure than text messages for generating one-time codes, click here or here.