With Multi-Factor Authentication (MFA), you can add an authentication layer on top of the existing OTP/Password when logging into a Leegality account, to further safeguard against unauthorised access to Leegality from within your organization.
With MFA activated, anyone logging into a Leegality account needs the required password/OTP access along with access to a third-party authenticator app that generates time-based OTPs (TOTPs) every 30 seconds. Each TOTP is valid for 60 seconds.
Click on account on your homepage
Click on Settings and then Multi-Factor Authentication
Toggle on “Enable Multi-factor Authentication” and follow the steps mentioned i.e.
Scan the QR code provided from your mobile phone using a third party authenticator app such as Google Authenticator.
Follow the steps below to install the authenticator:
Download the authenticator from your relevant app store. (List of common authenticators provided at the end of the document)
On the setup page of the app - Scan the QR code on the Leegality page
Add the recognized profile into your authenticator
Your MFA authenticator profile is set up.
The code mentioned in the authenticator app will keep changing every 30 seconds and will be valid for 30 seconds after it has changed.
Enter the code shown in the authenticator app in the input box below to enable multi factor authentication for your account.
Your MFA set-up is now active.
In addition to the OTP/Password, a TOTP will now have to be provided every time a user logs into their account.
Once the user inputs the Username and OTP/Password, a pop-up window will appear requesting an authorization TOTP, which has to be accessed from the authenticator app for the concerned user.
In the same settings menu, enter the latest code generated in the authenticator app in the input field and turn the toggle off.
A total of 5 login attempts will be given to the user, i.e. in case the OTP/Password (attempts) + Authorization TOTP (attempts) exceed 5, the user will be locked out of their account and a recovery email/SMS will be sent to their username to unlock the account.
The authorization OTP (authenticator OTP) will be valid for a total of 60 seconds. Thus a TOTP will remain valid for 1 cycle after it disappears from the authenticator app, and a new TOTP is displayed on the app.
There is an overlap of validity for 30 seconds between 2 consecutive OTPs.
Authorization OTPs will be consistent across all authenticator apps.
Multi-factor authentication is a user level setting and will have to be set up individually in each user account of the organization.
Multi-factor authentication is also applicable when a Leegality User (with auto-save toggled on / in case 1FA or 2FA is enabled) accesses a document via a link, i.e. from the completion email or the signing update email - Preview link. The user will have to go through MFA in order to view the document.
In case multi-factor authentication is de-activated and an attempt is made to re-activate it, the profile setup process will have to be repeated in the authenticator app.
We have used Google Authenticator as a basis for this article; other apps may have a slightly modified setup flow.
Leegality also supports “Twilio’s - Authy 2-Factor Authentication” and “Zoho’s - OneAuth - Multi Factor Authenticator” among others.
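The 60-second validity and 30-second overlap between consecutive TOTPs described above can be reproduced with the added example below, which is not Leegality's code. It assumes the RFC 6238 defaults that common authenticator apps use (HMAC-SHA1, 6 digits); the function names are hypothetical and the secret is the public RFC 6238 test key.

```python
import hashlib
import hmac
import struct

STEP = 30       # seconds a code is displayed in the app (from the article)
VALIDITY = 60   # seconds the server accepts a code (from the article)
DIGITS = 6      # assumption: RFC 6238 default code length


def totp(secret: bytes, counter: int) -> str:
    """Code for one 30-second time step (RFC 4226 truncation, HMAC-SHA1 assumed)."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)


def accepted_codes(secret: bytes, now: float) -> list:
    """Current code first, then older codes still inside the validity window."""
    current = int(now) // STEP
    extra_steps = VALIDITY // STEP - 1          # 60 s validity -> 1 previous step
    return [totp(secret, current - i) for i in range(extra_steps + 1) if current >= i]


def verify(secret: bytes, submitted: str, now: float) -> bool:
    """Constant-time comparison against every code valid at `now`."""
    ok = False
    for code in accepted_codes(secret, now):
        ok |= hmac.compare_digest(code.encode(), submitted.strip().encode())
    return ok


if __name__ == "__main__":
    secret = b"12345678901234567890"   # RFC 6238 test key, not a real secret
    shown_at = 1111111109               # constructed timestamp (an RFC 6238 test time)
    code = totp(secret, shown_at // STEP)
    appeared = (shown_at // STEP) * STEP
    for t in (appeared, appeared + 29, appeared + 30, appeared + 59, appeared + 60):
        print(f"t+{t - appeared:>2}s  code {code}  accepted={verify(secret, code, t)}")
```

Run directly, it prints the acceptance timeline for one code: accepted from the moment it appears until 59 seconds later, rejected at 60 seconds.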