Feature Activation Request

If your agency is interested in using MFA it can be enabled by NinjaCat at your request. Contact the main NinjaCat user in your agency. They will reach out to and partner with your agency's Customer Success Manager here at NinjaCat to begin the process. If you aren’t aware of your Customer Success Manager contact our Customer Advocate Team through support. They will contact your agency’s Customer Success Manager and the documented point of contact for your agency will be consulted on the request, implementation, and result of the heightened security provided by MFA.

Multiple Modes for MFA

Once MFA is enabled there are two choices for its implementation.

Optional

• When set to optional users can turn on MFA for their user account. Once MFA is enabled, users must go through a one-time initial setup. After the initial setup is complete, users must provide a six-digit verification code to log in to NinjaCat.

• • • 'Optional' Setting one-time initial set up:

      • Click on Name in the top right corner
      • Click on 'Profile'
      • Click on the Lock icon next to MFA on the user profile screen
      • Click on the 'Enable MFA' button on the right of the screen
      • Enter your Password and click 'OK' to verify

      

      • Write down MFA 'Secret' and store it securely
      • Use the Authorization App to create an account, scan the QR code, and receive the six-digit code.
        • We recommend Authy - Android | iOS and Google Authenticator - Android | iOS
      • The next time the user logs in they will be required to enter the six-digit verification code from their mobile device.

Always On

• All users must use MFA when 'always on'. Once MFA is enabled, users must go through a one-time initial setup. After the initial setup is complete, users must provide a six-digit code to log in to NinjaCat.

Initial Set Up

The first time a user logs in after MFA is enabled they will be prompted to perform the setup steps explained on the login screen:

1. Download an authentication app of your choice. 
Authy for Android | iOS 
Google Authenticator for Android | iOS 
2. Open your authenticator app. 
3. Add a QR code and enable permissions for the camera 
4. Take a picture of the QR Code on this page 
5. Enter the 6-digit code into the field below

Mobile device setup example from Authy:

Expected Log-In Behavior

After the initial setup, the user will have to have their mobile device with them whenever they log in to NinjaCat to receive the required six-digit verification code from their authentication app. Likewise, if the mobile device is lost, damaged, or stolen the six-digit verification code will not be available and the user won’t be able to log in to NinjaCat.

For that reason the suggestion in the set up steps to write down the MFA “secret” and securely store it is strongly recommended so that a new device can be connected to the already present authentication account. If the original mobile device AND  the MFA “secret” are both unavailable the Customer Advocate Team will be able to reset the MFA status for a user to allow a new authentication account to be created and a new mobile device linked.