Benefits of Enabling MFA  

1. Enhanced Security:
   Protects against unauthorised access even if the password is compromised.
2. Compliance with Security Standards:
   Helps meet regulatory and organisational security requirements.
3. Improved Candidate Trust:
   Users feel more confident knowing their account has an extra layer of protection.

Configuring MFA  

Enabling & Setting Up MFA for Candidate Portal

MFA setup is complete, and candidates can now log in securely.

How does MFA work?

1. Access your portal Sign In page and enter your email address, then click Next.
   
2. In the password field, type your password and Sign in.
   
3. A screen prompt to configure OTP Authenticator MFA will appear. Click Configure beneath the OTP Authenticator card.
   
4. The Set up OTP Authenticator pop-up will appear, in which a QR code and an alphanumeric code will be shown. Click Next after performing either of the following:
1. To register using a QR code, use the authenticator app (in your mobile) to scan the QR code displayed on the screen.
   
2. To register manually, enter the alphanumeric code displayed on the screen into the authenticator app on your device.
   
5. An OTP will be generated on your app. Click Verify after entering this OTP in the input box within the OTP Authenticator card.
   
6. Download or Copy and paste the codes somewhere where you can easily recover them when required
   
7. Click Continue to Sign in.

Candidate Login with TOTP  after MFA Configuration
After setting up MFA, the candidate must enter a TOTP during each Log in.

1. On the Candidate Portal Login screen, enter your TOTP from your authenticator app into the Enter TOTP field. Click the Login button.
   
2. After entering your TOTP and signing in successfully, a prompt appears asking if you want to trust this browser.
1. Click Trust to avoid entering TOTP for the next 180 days on this browser.
   
2. If you prefer not to trust the browser, click Not now to proceed without saving the browser.
   

Can't Access Your Device?

1. On the Candidate Portal Login screen, click Can't access your device?
   
2. You will see two options:
   
1. Use backup verification code: If you have a 12-digit backup code, select this option. Proceed to the next section for instructions.
   
2. Contact Administrator: If you do not have a backup code, click Contact Administrator. Follow the instructions to visit the company website and reach out to the designated administrator for MFA reset assistance.
   

Steps for Using a Backup Verification Code:  

1. If you have a backup verification code, click Use backup verification code.
   
2. ​Enter the 12-digit backup verification code in the provided input field and Click Verify.
   

Disabling MFA  

1. Navigate to Setup > Portal Setup > Candidate Portal > Form Settings.
   
2. Under Secure Access, click Remove > Disable.
   
3. Confirm your action in the pop-up.
   

Resetting MFA for Candidate Login

If a candidate loses access to their MFA-enabled device, administrators can reset their MFA by following these steps:

1. Navigate to the candidate's record where MFA needs to be reset.
   
2. Click on the top-right menu.
   
3. ​Select Reset Candidate Login MFA.
   
4. Confirm the reset action.
   

Use Case: Lost or Inaccessible Devices

1. Loses their registered MFA device
   
2. Replaces their device and can no longer access the authentication app
   
3. Encounters issues with their current MFA setup
   

Candidate Portal Manage MFA

1. Log in to the Candidate Portal.
   
2. Click on your profile photo.
   
3. If MFA is already enabled, click on Manage MFA to update or make changes.