MFA (multi-factor authentication) is an authentication method in which a participant is granted platform access only after successfully presenting two or more pieces of evidence (factors) to an authentication mechanism. The Questis platform supports two methods of MFA - OTP and SMS. If enabled on your organization, you will find the ability to enable the security setting within your Profile > Security.
- OTP (One Time Password): *Preferred* This method of MFA requires that you download a third party authentication product to your mobile device (such as Authy or Google Authenticator). Upon enabling this method of MFA, you will be presented with a QR code to scan with your authentication application one time. Going forward, your authentication application will provide you with a code (the one time password) at every login.
- SMS (Short Message Service aka Text Message): This method of MFA requires that you have a mobile phone number associated with your profile. You will be sent a verification code via SMS to that mobile phone number after providing the correct username/password when logging in. The verification code must be entered during the login process to be able to access your account.