Configure Multi-Factor Authentication (MFA)
    • 09 Aug 2024
    • 2 Minutes to read
    • PDF

    Configure Multi-Factor Authentication (MFA)

    • PDF

    Article summary

    Multi-Factor Authentication (MFA) is used to further secure your access to Red Canary. When enabled, we require a time-based one-time password (TOTP) code after you enter your username and password.

    Red Canary supports the following MFA standards-compliant MFA applications:

    • Google Authenticator

    • Duo Mobile

    • Microsoft Authenticator

    • Authy

    Codes can also be delivered via text message to the phone number set in your profile.

    Set up MFA for your account

    Depending on your access to Red Canary, the steps to take to enable MFA may differ. Follow the steps in the relevant section below:

    If you are able to log in

    1. Click your user profile at top right of Red Canary, and then click View profile.

    2. Scroll to the bottom, and under the Two Factor Authentication section, check Required.

    3. Verify current password by entering your current password and click Save. The screen will refresh and return you to the Red Canary home page.

    4. Click your user avatar at top right of Red Canary, and then click View profile.

    5. Under the Two Factor Authentication section, click Click here to show two factor authentication setup instructions.

    6. Download any of the listed MFA applications to your mobile device.

    7. Scan the QR code using your multi-factor authentication app.

    8. Enter the verification code generated by your app.

    9. Click Verify.

    Note: If you are not prompted for MFA when you first sign in after you set it up, clear your browser’s cache. Cached credentials from before you set up MFA can sometimes interfere with MFA.

    If you are not able to log in, and single sign-on is not enabled

    You can register a new device by resetting your password if you do not have access to the device currently used to receive TOTP codes:

    1. Visit the Red Canary login page and click Forgot?.

    2. Enter your email address and click Send me reset instructions.

    3. Follow the instructions in the Password Reset email.

    4. Once logged in, follow the instructions above, under the If you are able to log in section.

    If you are not able to log in, and single sign-on is enabled

    Any user with the Admin role can temporarily disable the MFA requirement for your account:

    1. Click your user profile at top right of Red Canary, and then click Users & Roles.

    2. Click the icon next to the desired user.

    3. Click Disable MFA.

    Frequently Asked Questions (FAQ)

    What if I didn't receive an SMS MFA code?

    Red Canary uses a highly reliable service provider to deliver SMS codes through carriers around the world. Almost all cases of messages not being delivered are the result of a carrier blocking certain messages. Check your phone or carrier's “unknown SMS” or “spam SMS” blocking settings.

    What if my app MFA code is not accepted?

    This is most often because the system time on your browser or mobile device is out of sync. Ensure your device has its system time set to “automatically update.” If you continue to have issues, restart your device.

    You can view how many seconds your system clock is off by visiting www.time.gov and reviewing “Your clock is off by.”

    What if I requested an SMS MFA code but received a “Page not found” or “Code could not be sent” error?

    Some combinations of browsers and ad-blocking extensions can cause certain HTTP POST requests to fail.

    If you click “Send an SMS code to” and receive a “Page Not Found” or “Code could not be sent” error, disable browser extensions and ensure you’re using a supported browser.

    What if I have a new MFA device?

    Follow the steps above to configure MFA.


    Was this article helpful?