Rhinogram enables Multi-Factor Authentication (MFA) using Auth0 Guardian MFA and Google Authenticator. Any user in Rhinogram who is not logging into an SSO-enabled organization can use MFA by going to their profile page and selecting the “Enable MFA” button.

This sends an email invitation to join MFA and also enables MFA automatically, so the next login forces the user to enroll a device for MFA. On that login, the user is prompted to enroll using an app such as “Google Authenticator”.


With an authenticator app, the user scans the bar code in the example above; the app enrolls the device and begins providing 6-digit keys. Enter the current 6-digit key in the passcode prompt and click the arrow, and the account will be enrolled.


The user will also have the option of saving a recovery key in the event they lose the device or the app.


Once enabled, MFA can be disabled by logging in, going back to the profile page, and selecting the “Disable MFA” button. If the user loses the device or loses the ability to generate an MFA code, an administrator can open the profile for the member and click the “Reset MFA” button to let the member go through the enrollment process again, or “Disable MFA” to completely remove MFA from that member's account.


If an organization wants to force all members to use MFA, a CCR can open the profile for the organization and select the “MFA Required” button. This forces all users who log in to that organization to enroll in MFA during the login process.

 

Again, if a member loses the device or the ability to generate an MFA token, an administrator can open the profile for the member and click the “Reset MFA” button to let the member go through the enrollment process again, or “Disable MFA” to completely remove MFA from that member's account.