When portal users/candidates sign in to your portal, they must verify their identity using their username and password/OTP. Multi-factor authentication (MFA) requires your portal users to additionally verify themselves via configured OTP authenticators while signing in. This enhances security by adding an extra layer of protection beyond just a username and password/OTP.
Benefits of Enabling MFA
- Enhanced Security:
Protects against unauthorised access even if the password is compromised. - Compliance with Security Standards:
Helps meet regulatory and organisational security requirements. - Improved Candidate Trust:
Users feel more confident knowing their account has an extra layer of protection.
Configuring MFA
Enabling & Setting Up MFA for Candidate Portal
Navigate to Setup > Portal Setup > Candidate Portal > Form Settings. Under Secure Access, click to Configure the Secure Access.MFA setup is complete, and candidates can now log in securely.

How does MFA work?
When MFA is enabled, candidates must authenticate their portal account using an authenticator app. During login, they need to enter the TOTP (Time-Based One-Time Password) generated by the app.
Candidate Signup/Login with MFA Enabled on Portal
When MFA is enabled, candidates must complete a one-time setup process using an authenticator app. After setup, they will need to either enter the authenticator code or scan the QR code from the app during login.
- Access your portal Sign In page and enter your email address, then click Next.

- In the password field, type your password and Sign in.

- A screen prompt to configure OTP Authenticator MFA will appear. Click Configure beneath the OTP Authenticator card.

- The Set up OTP Authenticator pop-up will appear, in which a QR code and an alphanumeric code will be shown. Click Next after performing either of the following:
- To register using a QR code, use the authenticator app (in your mobile) to scan the QR code displayed on the screen.
- To register manually, enter the alphanumeric code displayed on the screen into the authenticator app on your device.

- An OTP will be generated on your app. Click Verify after entering this OTP in the input box within the OTP Authenticator card.

- Download or Copy and paste the codes somewhere where you can easily recover them when required

- Click Continue to Sign in.
Candidate Login with TOTP after MFA Configuration
After setting up MFA, the candidate must enter a TOTP during each Log in.
- On the Candidate Portal Login screen, enter your TOTP from your authenticator app into the Enter TOTP field. Click the Login button.

- After entering your TOTP and signing in successfully, a prompt appears asking if you want to trust this browser.
- Click Trust to avoid entering TOTP for the next 180 days on this browser.
- If you prefer not to trust the browser, click Not now to proceed without saving the browser.

Can't Access Your Device?
If you cannot access your device to retrieve the TOTP, follow these steps:
- On the Candidate Portal Login screen, click Can't access your device?
- You will see two options:
- Use backup verification code: If you have a 12-digit backup code, select this option. Proceed to the next section for instructions.
- Contact Administrator: If you do not have a backup code, click Contact Administrator. Follow the instructions to visit the company website and reach out to the designated administrator for MFA reset assistance.

Steps for Using a Backup Verification Code:
- If you have a backup verification code, click Use backup verification code.
- Enter the 12-digit backup verification code in the provided input field and Click Verify.

Disabling MFA
To disable MFA:
- Navigate to Setup > Portal Setup > Candidate Portal > Form Settings.
- Under Secure Access, click Remove > Disable.
- Confirm your action in the pop-up.

Resetting MFA for Candidate Login
If a candidate loses access to their MFA-enabled device, administrators can reset their MFA by following these steps:
- Navigate to the candidate's record where MFA needs to be reset.
- Click on the top-right menu.
- Select Reset Candidate Login MFA.

- Confirm the reset action.
Once the MFA is reset, the candidate will be required to set up MFA again during their next login to the candidate portal.
Use Case: Lost or Inaccessible Devices
This reset process is useful when a candidate:
- Loses their registered MFA device
- Replaces their device and can no longer access the authentication app
- Encounters issues with their current MFA setup
By resetting the MFA, administrators ensure the candidate can regain access securely while maintaining account protection.
Candidate Portal Manage MFA
Candidates can manage their Multi-Factor Authentication (MFA) if needed:
- Log in to the Candidate Portal.
- Click on your profile photo.
- If MFA is already enabled, click on Manage MFA to update or make changes.
