How to enableMulti-factor Authentication in RotaMaster
Multi-factor Authentication (MFA) allows organisations to add an extra layer of security to the login process of RotaMaster. The below guide will walk you through how this is set up on your RotaMaster system.
Enabling MFA in RotaMaster
To enable MFA on RotaMaster, you should contact the RotaMaster support team and ask for it to be enabled. Before doing so, you should read this guide to ensure you fully understand the functionality and the changes that will be made to your system once MFA is enabled.
There are two settings the support team can enable for you.
The setting 'Enable External Authentication' will migrate your user accounts to start using their email addresses as their usernames.To learn more about user accounts migrating, please see our userguide:https://help.rotamaster.co.uk/knowledge/migrating-admin-accounts
The setting 'Enable Multi-factor Authentication' ensures that your RotaMaster users (system admins, local admins and users) and staff will not be able to access RotaMaster or Staff Hub without setting up and using Multi-factor Authentication.
MFA Super User Permissions
The support team will also grant one user with the relevant super user permission for MFA. You can specify who you wish this to be, and that user can grant the permission to any other relevant users.
Anyone with the permission to unlink devices will be able to unlink users devices when they forget their device, or get a new device and can no longer access the device they have used to set up MFA. Any admin user with this super user permission will receive an email when another admin user cannot access their device.
To learn more about unlinking devices, please see our guide here:
Member Devices email
For each Rota Group, in 'Staff Hub Emails' you should ensure the 'Member Devices' email field contains the email addresses of anyone you wish to be notified should a staff member forget their device and need their device to be unlinked from their account.