Multi-Factor Authentication (MFA)

1. Once the MFA setup is complete, a first-time Setup Request page opens when the Username and Password are entered. Click the Set Up Now button to continue.

   

2. Select the method to verify your identity: Text or Email.

   

   • Email Method:

     Depending on your market requirements, you may not have access to email as an authentication option. See Phone Method below for further instructions.

     1. If Use your email to verify is selected, the system sends a unique six-digit code by email to the email address on the User Profile. This code is valid for 30 minutes from the time of issue. If a new code is needed, click the Resend link to receive a new code after 60 seconds.

     2. On the Let’s set up your email page, enter the 6-digit code and click Confirm to log in.

        If the email was not received, make sure to check you spam and junk folders for an email sent by help@hhaexchange.com. If you still can't find the email, click the Resend link after 60 seconds.

        

        Reauthentication is required every 30 days, as well as when the browser is changed or the cache is cleared.

   • Phone Method:

     1. If Use your phone to verify is selected, then the Let’s set up your phone page opens. Enter the mobile phone number in the Phone Number field and click Get code.

        

     2. The system sends a unique six-digit code to the mobile phone number entered. This code is valid for 30 minutes from the time of issue. On the Confirm that it works page, enter the 6-digit code and click Confirm to log in.

     3. If a new code is needed, wait 60 seconds and click the Resend link to receive a new code.

        

        Reauthentication is required every 30 days. A random and unique MFA code is sent to log into the system.

        

      

Complete the following steps to add a mobile phone number when one has not been established.

1. Click the Add a phone number link in the mobile phone section of Available MFA methods.

2. Enter the phone number in the New Phone Number field. Click Continue.

   

3. In the Enter the code field, type in the code sent to the mobile phone. Click Confirm to finalize.

   

Complete the following steps to change a mobile phone number.

1. Click the Change link In the mobile phone section of Available MFA methods.

   

2. Enter the New Phone Number, and then click Continue.

   

3. In the Enter the code field, type in the code sent to the mobile phone. Click Confirm to finalize.

   

Users subject to MFA can view and change their own MFA settings from the Enterprise Portal.

To change the MFA settings, click the MFA Settings link under the User Profile icon at top right. This link is only available to users who are subject to MFA.

The Multi-Factor Authentication Setting page opens. Changes can be made to the MFA Settings as explained below.

Users cannot disable Multi-Factor Authentication or change the email address from the MFA Settings page. When the email address is changed in the User Profile, the system prompts the user to set up MFA again on their next login.

Complete the following steps to remove a mobile phone number or email address from available MFA methods.

1. Click the Remove link from either the email address or mobile phone section of Available MFA methods.

   

   Only one method can be removed; either the email or mobile phone, not both.

2. Click the Remove button when prompted to confirm the removal.

   

Complete the following steps to change the default MFA method.

1. Click the Set as default link in the email address or mobile phone section of Available MFA methods.

   

2. A banner at the top of the MFA Settings page indicates that the default setting has been changed.