Setting Up Multi-Factor Authentication in Authentik

Overview

These are instructions on how to set up multi-factor authentication (MFA/2FA) for your Mount Vernon Single Sign-On account in Authentik.

Pre-requisites

• Access to your Mount Vernon Single Sign-On account
• Your personal smartphone with app-install permissions

Installing the Authenticator App

If you have not already installed the Bitwarden Authenticator App, then follow the instructions below. Otherwise, skip this section.

1. On your personal smartphone, download the Bitwarden Authenticator App from the App Store or Play Store
   • Apple iOS: https://apps.apple.com/us/app/bitwarden-authenticator/id6497335175
   • Android: https://play.google.com/store/apps/details?id=com.bitwarden.authenticator&hl=en_US
2. Open the app and set aside

Setting Up Multi-factor Authentication in Authentik

1. In a web browser, navigate to https://fs.mvps.us/ (sign in to your Mount Vernon Single Sign-On account if not already)
   
   
   
   
2. On the home screen with all of the apps, click the Settings Icon at the top-right
   
   
   
   
3. In the settings menu, navigate to the MFA Devices tab, then click the Enroll button and select TOTP Device
   
   
   
   
4. A QR Code will appear in a window. On your smartphone in the Bitwarden Authenticator App, click the + button at the top-right (or the Add Code button)
   
   
   
   
5. Your smartphone camera should open. Point the camera at the QR code that appeared on your screen in the previous step
   
   
   
   
6. The camera should automatically grab and add the new entry into the Bitwarden Authenticator App, displaying a code on the right of the entry
   
   
   
   
7. In the Code field under the QR code, enter the code that is showing in the Bitwarden Authenticator App entry that was created, then click Continue
   HURRY! Each code is only valid for 30 seconds, so if it is about to expire, just wait until it regenerates a new one and enter that one.
   
   
   
   
8. Once you click the Continue button, it should take you back to the MFA Device page, showing a new entry.
   
   
   
   
9. Multi-factor authentication is not setup!

Logging in with Multi-factor Authentication

Follow the instructions in this article on how to log into your Mount Vernon Single Sign-On account that has multi-factor authentication enabled.

Open a Ticket

Naturally, even the most perfectly laid plans can fail at times, so if you experience any issues, simply open a ticket with the Tech Team and we will be happy to assist!