Multi-Factor Authentication (MFA) Overview

Multi-Factor Authentication (MFA)

Multi-Factor Authentication (MFA) dramatically reduces the chance of cybersecurity account compromise attacks - by up to 99.9% (source). When using MFA, SiteLink users will be required to provide two different forms of identity authentication to ensure they are who they claim to be. Multi-Factor Authentication is part of another of our newest features, Single Sign-On (SSO). This feature reduces the complexity of logging into SiteLink by providing a single set of credentials for users no matter if they’re logging into any of their facilities using Web Edition, myHub, or Corporate Control Center.

How do I start using MFA?

Please note: We must receive permission from an account owner or admin to enable MFA. If you choose to enable MFA for your company, it will be enabled for all locations at your corporation. 

1. Reach out to us -  If you’re interested in taking advantage of Multi-Factor Authentication and Single Sign-On, please fill out this form. Once we have received your form submission, the Storable team will create an initial SSO Admin login for your corporation.

2. Complete onboarding - User reconciliation needs to be done once for your company by the initial Admin user when you first start using MFA. This will provide all users with a single login for all SiteLink apps and locations they need access to. In the final step of reconciliation, MFA will officially be activated for your organization.

📖 You can find instructions to do this in our article: SiteLink Multi-Factor Authentication and Single Sign-On onboarding instructions. 

3. Set up Multi-Factor Authentication (MFA) - Once MFA has been activated for your corporation, the login screen for SiteLink applications will redirect you to the Storable SSO dashboard when you click the Login button. The first time each user at your corporation logs in after their account has been converted, they will need to set up Multi-Factor Authentication.

📖 You can find instructions to do so in our article: Setting up Multi-Factor Authentication.

4. Enable SSO launch - You can continue to log into SiteLink from your SiteLink applications as you are used to. The SSO login page will open so that you can enter your MFA credentials. However, if you would like to streamline the login process by logging into SiteLink applications directly from the Single Sign-On dashboard, you must enable SSO launching.

📖 Follow the instructions in our article: Opening SiteLink Applications from the SSO dashboard. 

 

FAQ

Q: Can I use MFA without Single Sign-On or Single Sign-On without MFA?

A: No. MFA is accessible as part of the SSO dashboard. If you would like to use MFA, you will be set up with an SSO account.

 

Q: Can I use MFA and SSO at some of my locations and not others?

A: No. MFA is a Corporate level setting and, for technical reasons, cannot be enabled at the facility level. If you choose to use MFA, it will be enabled for all locations at your corporation. 

 

Q: If I start using MFA and SSO and change my mind, can I go back to signing into SiteLink without MFA?

A: No. Once SSO has been enabled for your corporation, it cannot be disabled. We have Beta tested MFA and SSO with a number of large corporations to ensure users won’t run into any critical, organization-level issues. We have built MFA using Okta, which is a prominent and reliable provider in the user authentication space. We feel confident that this feature will work as intended and not need to be disabled once you begin using it. 

 

Q: How are users managed once I am using MFA and SSO?

A: Adding and deleting users will be done in the SSO Dashboard by users with Admin access. If users need to be added or deleted and you do not have Admin access, please contact your company’s Admin. Editing users in SiteLink will be restricted to certain fields such as login time and day rules as well as Security Level. When a new user is added to the SSO dashboard, their Security Level will need to be updated in SiteLink. 

Q: How do I access restricted screens (the Security Logon feature) when using MFA and SSO?

A: If there were screens you previously accessed by entering your SiteLink login credentials, you will now use a PIN. You will be prompted to set your desired PIN the first time you access one of these screens. 

If you need to switch users, click Log In as a Different User and you will be redirected to the SSO dashboard to enter the new login credentials.

verify_pin.png

 

Q: If I use SSO, do I need to stay signed into SiteLink for my gate to update?

A: No. For increased security, gate updates will no longer require someone to stay logged into SiteLink Web Edition (SLWE). However, the initial SiteLink login page must be left open on the gate computer when SiteLink is not in use so that gate updates can take place automatically. During normal daily use, gate updates will continue to work as they have previously.

 

Q: If I leave SiteLink running overnight to automatically apply an update, will I be automatically logged in after the update is complete?

A: No. If you are logged into SiteLink Web Edition (SLWE) prior to an automatic overnight software update, you will no longer be automatically logged in after the update is complete. However, SLWE will reopen and remain on the login page so gates continue to update as expected.

Still have questions?
Don't be afraid to ask us. We're here to help you.