Troubleshooting MFA sign-in

The following tips will help you troubleshoot a sign-in issue when you use IT Glue's multi-factor authentication (MFA) solution. Note: If your administrator has turned on enforced MFA, you will be required to enable MFA even if you previously signed in without it. 

To sign in with IT Glue MFA, you need three separate bits of information:

  • Your username
  • Your password
  • A numeric code generated by an authenticator app on your mobile phone

How do I sign in without my phone?

If you forgot to bring your mobile device with you to work or the battery is depleted, you can use your one-time recovery code instead of the code generated by the authenticator app. The recovery code looks something like:

 3aa7d3d1776f71d5

You will need to enter your recovery code into the MFA Code field when you sign in. The recovery code can only be used once.

Sign-in-using-MFA-recovery-code.png

IT Glue will not disable MFA after you sign in, so if you need to sign in again without your mobile device, you have two options:

  1. Navigate to the Edit Profile screen and generate a new recovery code to store in a secure place for later use.
  2. Alternatively, you can disable MFA from your profile only if MFA is not enforced on your IT Glue account. Enforced MFA is when all users of the account are required to enable MFA. If MFA is enforced, you will be forced to set up MFA at your next sign in.

If you don't do one of these two options, and then you sign out of your account, you won't be able to sign in again.

How do I reset my MFA?

Follow these instructions if you need to reset your MFA for any reason (e.g. to replace or factory reset your mobile device). After it is reset, you can enable your MFA again.

You have a recovery code

Enter your recovery code into the MFA Code field when you sign in and then reset your MFA by disabling and re-enabling it in your profile. Set up MFA access again by scanning the QR code, and then make sure you save a new recovery code for future use.

You don't have a recovery code

An Administrator can reset your MFA:

  1. Under Account > Users, click the pencil icon next to the user on the far right.
  2. On the Edit User screen, click the Reset MFA link to immediately reset the user's MFA. The user will be prompted to re-enable MFA again when they sign in.

Or, see Recovering a lost MFA code for an Administrator if you are the only Administrator on your account.

I am having MFA sign-in errors / codes aren't working. 

  • Double check the accuracy of the clock on your mobile device. The time-based security code will not validate if the codes are out of sync. Setting your device to be synced with the internet time is essential.
  • If the time on your authenticator app is not synced correctly, the MFA activation or sign-in attempt may be unsuccessful.

    If you are using Google Authenticator:
    1. From Google Authenticator, navigate to the main menu.
    2. Click Settings.
    3. Click Time correction for codes.
    4. Click Sync now.

    On the next screen, the app will confirm that the time has been synced, and you can now sign in. This only affects the time of your authenticator app and will not change your device’s date and time settings.

  • Reboot your phone.

After several failed sign-in attempts, your account will be locked. Once it's locked, you will have to check your email for unlock instructions before you can try again.

 

Related articles

Was this article helpful?
2 out of 7 found this helpful
Have more questions? Contact us