Establishing Multifactor Authentication (MFA) creates an additional layer of security for your organization and users. Only Managers and global Administrators can enable/disable this setting. Once the setting has been applied, all lender users will be required to enter a 6-digit code that is emailed to the end user upon every login to their account. NOTE: Enabling MFA is only applicable at the lender level and is not a setting available at the overall manager level. 

Content Includes:

• Enable Multifactor Authentication (MFA) Setting
• Receiving and Entering the MFA Code

Enable Multifactor Authentication (MFA) Setting

To enable Multifactor Authentication (MFA), Managers will need to access Relationships, select a lender to expand, and choose Edit Lender Settings. 

Expand the Security/Password Restrictions section. 

Select the box adjacent to Enable Multifactor Authentication and Save. Applying this setting will require all users under the lender, regardless of the divisions they may be associated with, to enter an MFA Code each time they login to their account. 

Receiving and Entering the MFA Code

Whenever users login to their account, they will be presented with the MFA Code screen. There will be a statement towards the top of the screen that explains why they are seeing the MFA screen and what action the user must take to access their account successfully. 

Users will receive a 2 Step Login email from support@appraisalfirewall.com. This email will contain the 6-digit code, which is randomized upon every MFA Code generation. The code that is generated is what the user will need to input on the MFA Code screen to access their account. 

The 2 Step Login email should arrive in the user's Inbox within 5-minutes of attempting to access their account. NOTE: If it has been longer than 5-minutes, we recommend users check their Spam/Junk folder. Should the code still not be found, please contact the appropriate Customer Service team.

Upon receipt, the MFA Code is valid for 30-minutes, which is stated in the email notification. 

Users will need to input the valid code and select the Submit button on the MFA Code screen. The system will authenticate the code and take the user to their dashboard.

Should the incorrect MFA Code be entered, users will see that the code was not accepted. 

If the user did not receive a code, the code expired after the 30-minute allotted timeframe, or inadvertently deleted the 2 Step Login email notification, etc., select the Resend Code link. This will generate and send a new email notification containing a different MFA code, so the user can proceed with accessing their dashboard.