Multi Factor Authentication (MFA)

With Multi Factor Authentication (MFA), you can add an authentication layer on top of the existing OTP/Password when logging into a Leegality account, to further safeguard against unauthorised access to Leegality from within your organization.

With MFA activated, whoever is trying to log into a Leegality account needs the required password/OTP as well as access to a third-party authenticator app that generates time-based OTPs (TOTPs) every 30 seconds. Each TOTP is valid for 60 seconds.

How to activate MFA

  1. Click on account on your homepage

  2. Click on Settings and then Multi-Factor Authentication

How to activate Multi-factor authentication

  1. Toggle on “Enable Multi-factor Authentication” and follow the steps mentioned, i.e.

    1. Scan the QR code provided from your mobile phone using a third-party authenticator app such as Google Authenticator.

      Follow the steps below to install the authenticator:

      1. Download the authenticator from your relevant app store. (A list of common authenticators is provided at the end of the document.)

      2. On the setup page of the app, scan the QR code on the Leegality page.

      3. Add the recognized profile into your authenticator.

      4. Your MFA authenticator profile is set up.

      The code shown in the authenticator app will keep changing every 30 seconds and will be valid for 30 seconds after it has changed.

    2. Enter the code shown in the authenticator app in the input box below to enable multi-factor authentication for your account.

Your MFA set-up is now active.

Multi-Factor authentication during Login

In addition to the OTP/Password, a TOTP will now have to be provided every time a user logs into their account.

Once the user inputs the Username and OTP/Password, a pop-up window will appear requesting an authorization TOTP, which has to be read from the authenticator app for the concerned user.

De-activating Multi-Factor authentication

In the same settings menu, enter the latest code generated in the authenticator app in the input field and turn the toggle off.

Things to note

  • A total of 5 login attempts will be given to the user, i.e. in case the OTP/Password attempts plus the authorization TOTP attempts exceed 5, the user will be locked out of their account and a recovery email/SMS will be sent to their username to unlock the account.

  • The authorization OTP (authenticator OTP) will be valid for a total of 60 seconds. Thus a TOTP will remain valid for 1 cycle after it disappears from the authenticator app and a new TOTP is displayed on the app. There is an overlap of validity for 30 seconds between 2 consecutive OTPs.

  • Authorization OTPs will be consistent across all authenticator apps. 

  • Multi-factor authentication is a user level setting and will have to be set up individually in each user account of the organization.

  • Multi-factor authentication is also applicable when a Leegality User (with auto-save toggled on/ in case 1FA or 2FA is enabled) accesses a document via a link i.e. from the completion email or the signing update email - Preview link, and the user will have to go through MFA in order to view the document.

  • In case multi-factor authentication is de-activated and an attempt is made to re-activate it, the profile setup process will have to be repeated in the authenticator app.

  • We have used Google Authenticator as a basis for this article; other apps may have a slightly modified setup flow.
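
The 30-second cycle and 60-second validity described in the notes above can be reproduced with the standard TOTP algorithm (RFC 6238). The following is an added example, not Leegality's own code; it assumes HMAC-SHA1 and 6-digit codes (the Google Authenticator defaults), and it uses the published RFC test secret rather than a real account secret.

```python
import hashlib
import hmac
import struct

STEP = 30            # seconds per TOTP cycle, as stated on this page
DIGITS = 6           # assumption: Google Authenticator default code length
ACCEPT_PREVIOUS = 1  # also accept one earlier cycle -> 60 s total validity

# Test secret from RFC 4226 / RFC 6238 Appendix B, not a real account secret.
SECRET = b"12345678901234567890"


def hotp(secret: bytes, counter: int, digits: int = DIGITS) -> str:
    """RFC 4226: HMAC-SHA1 over the 8-byte counter, then dynamic truncation."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def totp(secret: bytes, now: int) -> str:
    """Code an authenticator app displays at Unix time `now`."""
    return hotp(secret, now // STEP)


def verify(secret: bytes, submitted: str, now: int) -> bool:
    """Accept the current code and the one from the previous cycle only."""
    current = now // STEP
    ok = False
    for back in range(ACCEPT_PREVIOUS + 1):
        counter = current - back
        if counter < 0:
            continue
        expected = hotp(secret, counter)
        # Constant-time comparison; no early exit on the first match.
        ok |= hmac.compare_digest(expected.encode(), submitted.encode("utf-8"))
    return ok


if __name__ == "__main__":
    code = totp(SECRET, 59)  # displayed during the cycle covering t=30..59
    for t in (59, 60, 89, 90):
        print(f"t={t:>3}s  code {code} accepted: {verify(SECRET, code, t)}")
```

Because the code depends only on the shared secret from the QR code and the current time, every authenticator app holding the same profile shows the same value.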

Industry-standard authenticator apps supported by Leegality

Leegality also supports “Twilio’s - Authy 2-Factor Authentication” and “Zoho’s - OneAuth - Multi Factor Authenticator” among others.
