Multi Factor Authentication (MFA)

With Multi-Factor Authentication (MFA), you can add an authentication layer on top of the existing OTP/Password while logging into a Leegality account - to further safeguard against unauthorized access of Leegality from within your organization. 


With MFA activated, anyone trying to log into a Leegality account must have the required password/OTP as well as access to a third-party authenticator app that generates time-based OTPs (TOTPs) every 30 seconds. Each TOTP is valid for 60 seconds.


How to reach MFA

  1. Click on account on your homepage

  2. Click on Settings and then Multi-Factor Authentication

How to activate Multi-factor authentication

  1. Press the “Enable” button and follow the steps mentioned i.e.

    1. Download a Third Party Authenticator application like Google Authenticator on your mobile.

    2. Scan the QR code provided from your mobile phone using the authenticator downloaded in the previous step
      Follow the steps below to install the authenticator:

      1. Download the authenticator from your relevant app store (Resources)

      2. On the setup page of the app, scan the QR code on the Leegality page

      3. Add the recognized profile into your authenticator

      4. Your MFA authenticator profile is set up.

      The code shown in the authenticator app will keep changing every 30 seconds and will be valid for 30 seconds after it has changed.

  2. Enter the OTP shown in the Authenticator app for Leegality (email@organisation.com).




Your MFA set-up is now active.


Multi-Factor authentication during Login

In addition to the OTP/Password an additional TOTP will now have to be provided every time a user logs into their account.


Once the user inputs the Username and OTP/Password a pop-up window will appear requesting an authorization TOTP which has to be accessed from the authenticator app for the concerned user.



De-activating Multi-Factor authentication

In the same Multi-Factor Authentication tab:

  1. Click on the Disable button

  2. Enter the latest OTP generated in the authenticator app for Leegality (email@organisation.com)

  3. Press the “Validate OTP & Disable” button.



Things to note:-


  • A total of 5 login attempts will be given to the user, i.e. if the OTP/Password attempts plus the Authorization TOTP attempts exceed 5, the user will be locked out of their account and a recovery email/SMS will be sent to their username to unlock the account.

  • The authorization OTP (authenticator OTP) will be valid for a total of 60 seconds. Thus a TOTP will remain valid for 1 cycle after it disappears from the authenticator app and a new TOTP is displayed on the app. There is an overlap of validity for 30 seconds between 2 consecutive OTPs.

  • Authorization OTPs will be consistent across all authenticator apps. 

  • Multi-factor authentication is a user-level setting and will have to be set up individually in each user account of the organization.

  • Multi-factor authentication is also applicable when a Leegality User (with auto-save toggled on/ in case 1FA or 2FA is enabled) accesses a document via a link i.e. from the completion email or the signing update email - Preview link, and the user will have to go through MFA in order to view the document.

  • In case multi-factor authentication is de-activated and an attempt is made to re-activate it - The profile setup process will have to be repeated in the authenticator app.

  • We have used Google Authenticator as the basis for this article; other apps may have a slightly modified setup flow.
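
The 60-second validity and the shared 5-attempt limit described in the notes above can be modelled as follows. This is an added example, not Leegality's code: it assumes standard RFC 6238 TOTP (HMAC-SHA1, 6 digits), uses the public RFC test key as a constructed secret, and reads the first note as locking the account on the fifth failed attempt; `LoginSession` and its method names are hypothetical.

```python
import hashlib
import hmac
import struct

STEP = 30         # seconds per TOTP cycle (from the article)
PAST_STEPS = 1    # a code stays valid for 1 cycle after it is replaced
MAX_ATTEMPTS = 5  # combined password/OTP + TOTP attempts before lockout
DIGITS = 6        # assumption: usual authenticator-app default
DEMO_SECRET = b"12345678901234567890"  # RFC 6238 test key, not a real secret

def totp(secret: bytes, unix_time: int) -> str:
    """RFC 6238 TOTP (HMAC-SHA1) for the cycle that contains unix_time."""
    counter = struct.pack(">Q", unix_time // STEP)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # RFC 4226 dynamic truncation
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)

def verify(secret: bytes, submitted: str, now: int) -> bool:
    """Accept the code of the current cycle or of the cycle just before it."""
    ok = False
    for back in range(PAST_STEPS + 1):
        expected = totp(secret, now - back * STEP)
        # Constant-time compare, no early exit on a match.
        ok |= hmac.compare_digest(expected.encode(), submitted.encode())
    return ok

class LoginSession:
    """Shares one failure counter between the first factor and the TOTP."""
    def __init__(self, secret: bytes):
        self.secret = secret
        self.failures = 0

    def record_first_factor_failure(self) -> None:
        self.failures += 1

    def submit_totp(self, code: str, now: int) -> str:
        if self.failures >= MAX_ATTEMPTS:
            return "locked"  # unlock happens out of band (recovery email/SMS)
        if verify(self.secret, code, now):
            return "ok"
        self.failures += 1
        return "locked" if self.failures >= MAX_ATTEMPTS else "retry"
```

At any moment exactly two codes pass `verify`: the one currently displayed and the one it replaced, which is the 30-second overlap the note describes.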


Industry-standard authenticator apps supported by Leegality:



Leegality also supports “Twilio’s - Authy 2-Factor Authentication” and “Zoho’s - OneAuth - Multi-Factor Authenticator” among others.


