Multi-Factor Authentication (MFA)

PractiTest Multi-factor authentication (MFA) provides users with an extra security layer in addition to the regular login process: username and password. Thus from now on, users will be protected from brute force and social engineering attacks. Find more information about MFA approach here

By default MFA is turned off, please contact support at support@practitest.com to activate it for your account.

When MFA is activated, users can easily enable it within Personal Settings

There are two types of MFA that PractiTest supports: Virtual MFA and SMS MFA

MFA Types

Virtual MFA allows users to log in by using two steps: entering username and password, then entering a code sent via the Google Authenticator app or any other application for TOTP authentication.

SMS MFA allows users to log in by using your regular credentials and an SMS code to the phone number provided during setup.

Virtual MFA setup

  1. Install Google Authenticator app or any other application for TOTP authentication to your smartphone
  2. Go to PractiTest’s Personal Settings - Click ‘here’ to enable MFA
  3. enable virtual MFA
  4. Insert your password and press ‘Enable’
  5. password virtual MFA
  6. Then enter the app you installed, press ‘+’ and Scan a barcode you see in PractiTest
  7. Paste the code generated by the Google Authenticator into the PractiTest code area
  8. verify code virtual MFA
  9. You will be redirected to the Personal Settings main page and will get the ‘MFA enabled’ pop-up message. Thus Virtual MFA will be enabled and every time you log in, you will need to enter a code generated in the app in addition to username and password

SMS MFA setup

  1. Go to Personal Settings - Click ‘here’ to enable SMS MFA
  2. enable SMS MFA
  3. Put your password and phone number where you will receive SMS codes
  4. enable SMS MFA
  5. Input an SMS code that sent to your phone number and press ‘Verify’
  6. SMS MFA verify
  7. You will be redirected to the Personal Settings main page and will get the ‘MFA enabled’ pop-up message. Thus SMS MFA will be enabled and every time you log in, you will need to enter a code generated in the app in addition to username and password.

 

Important notes when using MFA:

  1. When MFA enabled users should disable it first if they would like to change the password within Personal Settings.
  2. The ‘Forgot my password’ option is not available when MFA is enabled. Users should ask the account owner or support to reset it for them.
  3. In case an account owner resets the password for a user, MFA will be automatically disabled and the user will need to re-enable it after login.
  4. In case a user belongs to multiple accounts, he needs to contact support to reset his password if he doesn't want to disable MFA first.
Next >>