Skip to main content

Overview

Multi-Factor Authentication (MFA) adds an additional security layer to your Elementum account by requiring a time-based verification code during login. Even if your password is compromised, unauthorized users cannot access your account without the code from your authenticator app. Key Benefits:
  • Reduced Risk: Compromised passwords alone cannot grant account access
  • Industry Standard: Uses TOTP (Time-based One-Time Password) protocol supported by all major authenticator apps
  • User Control: Enable or disable MFA from your account settings at any time
  • Simple Setup: Configure in minutes with any compatible authenticator app

Who Should Enable MFA

If your organization uses SSO with an Identity Provider that already enforces MFA (such as Okta or Azure AD with MFA policies), you may already have multi-factor protection at the IdP level.

Supported Authenticator Apps

MFA works with any authenticator app that supports the TOTP standard, including:
AppPlatformsNotes
Google AuthenticatoriOS, AndroidFree, simple interface
Microsoft AuthenticatoriOS, AndroidIncludes backup and cloud sync
Okta VerifyiOS, AndroidCommon in enterprise environments
1PasswordiOS, Android, DesktopIntegrated with password management
AuthyiOS, Android, DesktopMulti-device sync and backup
Duo MobileiOS, AndroidEnterprise-focused with push options

Set Up MFA

Before enabling MFA, ensure you have:
  • An Elementum account with password-based authentication
  • A smartphone or device with an authenticator app installed
  • Access to scan a QR code or manually enter a setup key
1

Navigate to Account Security

  1. Click your profile icon in the bottom-left corner of Elementum
  2. Navigate to the Security tab
2

Initiate MFA Setup

  1. Locate the Multi-Factor Authentication section
  2. Click Enable MFA to begin setup
  3. A QR code will be displayed on screen
3

Scan the QR Code

  1. Open your authenticator app on your mobile device
  2. Select the option to add a new account (usually a + icon)
  3. Choose Scan QR code or Scan barcode
  4. Point your device camera at the QR code displayed in Elementum
If you cannot scan the QR code (e.g., using a desktop authenticator or camera issues):
  1. Click Can’t scan? Enter code manually below the QR code
  2. Copy the secret key displayed
  3. In your authenticator app, select Enter setup key manually
  4. Enter:
    • Account name: Your Elementum email or “Elementum”
    • Secret key: Paste the copied key
    • Type: Time-based (TOTP)
4

Verify and Activate

  1. Your authenticator app will display a 6-digit code that refreshes every 30 seconds
  2. Enter the current code in the Verification code field in Elementum
  3. Click Verify and Enable
  4. You’ll see a confirmation message that MFA is now active
5

Confirm Setup Complete

After successful verification:
  • The MFA section will show Enabled status
  • Your next login will require both password and authenticator code
Important: Your authenticator app is now required for every login. Ensure you don’t uninstall the app or lose access to your device without first disabling MFA or setting up the app on a new device.

Log In with MFA

Once MFA is enabled, your login process includes an additional verification step:
  1. Navigate to the Elementum login page
  2. Enter your email and password, then click Log In
  3. When prompted, open your authenticator app and find your Elementum account entry
  4. Enter the 6-digit code currently displayed and click Verify
Codes refresh every 30 seconds. If your code is about to expire (timer nearly empty), wait for the next code to ensure you have enough time to enter it.

Manage MFA

View MFA Status

To check your current MFA status:
  1. Go to Account Settings > Security
  2. The Multi-Factor Authentication section displays:
    • Enabled: MFA is active on your account
    • Disabled: MFA is not configured

Disable MFA

Disabling MFA reduces your account security. Only disable if necessary, and re-enable as soon as possible.
To disable MFA:
  1. Go to Account Settings > Security
  2. In the Multi-Factor Authentication section, click Disable MFA
  3. Enter your password or current authenticator code when prompted
  4. Click Confirm to disable MFA

Best Practices

Choose an authenticator app that supports cloud backup or multi-device sync (Microsoft Authenticator, Authy, 1Password). This makes device transitions seamless and provides recovery options.
The QR code contains your secret key. Never share, screenshot, or store QR codes in unsecured locations.
Ensure your authenticator app is updated to the latest version for security patches and compatibility.
Before switching phones or resetting your device:
  1. Disable MFA in Elementum while you still have access
  2. Set up your new device
  3. Re-enable MFA with a fresh QR code scan
TOTP codes depend on accurate time. Enable automatic time sync on your device to prevent code validation issues.

MFA FAQ

Frequently asked questions about Multi-Factor Authentication

SSO Configuration

Configure Single Sign-On with SAML 2.0 for centralized authentication
Last updated: January 2025