Skip to main content

Notice: The iGUIDE Product Support team will be unavailable January 17 and 18 due to scheduled maintenance.

Setting up Multi-Factor Authentication (MFA) on the iGUIDE Portal

Updated

Starting May 26, 2026, the iGUIDE Portal will ask you to set up Multi-Factor Authentication (MFA). After July 1, 2026, MFA is required to sign in. This article covers what's changing, how to set it up, and what to do if you get stuck.

What MFA is

MFA adds a second step to signing in. After you enter your password, you'll enter a 6-digit code from a free authenticator app on your phone. The code refreshes every 30 seconds, so even if someone else has your password, they can't get into your account without your phone.

Why we're adding it

MFA blocks the vast majority of account takeover attempts. Microsoft's data puts the figure at 99.9% of automated attacks.

A few common questions about other methods:

  • SMS codes aren't included because text messages can be intercepted through SIM swapping, where an attacker convinces a carrier to move your number to their device.
  • Email codes aren't included because they use the same channel as a password reset. Anyone with access to your inbox could reset your password and grab the MFA code in the same place, which defeats the purpose.
  • Authenticator apps generate codes locally on your device, so the codes never travel over a network that could be intercepted.

Who this affects

  • Every portal user signing in with email and password.
  • If you sign in with Google or Microsoft (SSO), nothing changes for you. Your identity provider already handles this, and you won't see any prompts.

What you'll need

A free authenticator app on your phone. Any of these work:

  • Google Authenticator
  • Microsoft Authenticator
  • Duo Mobile
  • Authy
  • 1Password
  • Bitwarden

Any standard TOTP app will work. If you already use one for another service, use that.

Setting it up

Setup takes about two minutes. You only do it once.

  1. When you sign in, you'll see a prompt to set up MFA. You can do it now or skip and come back later, until July 1, 2026.
mfa.png
  1. If you start setup, you'll re-enter your password and then see a QR code. Open your authenticator app and scan it. On mobile, you can copy the secret code or tap the link to open the app directly.
mfa2.png
  1. Your app will start showing a 6-digit code that refreshes every 30 seconds. Enter the current code on the portal to confirm everything's connected.
  2. The last step is recovery codes. You'll get 10 of them, 8-character codes like A3K9-PQ72. Save these somewhere safe before you finish. A password manager works well, or print them and store the page somewhere you'll find it later. You can't finish setup without confirming you've saved them, and you won't see them again after this screen.

mfa3.png

Signing in after setup

Sign in with your email and password as usual. The portal will ask for the 6-digit code from your authenticator app. Open the app, type the current code, and you're in. The whole extra step takes about 10 seconds.

image-20260501-163632.png

What if I lose my phone

Use one of your 10 recovery codes to sign in. Each code works once. After signing in, go to Settings, then Security, to set up MFA on your new device and generate a fresh set of recovery codes.

If you've used all 10 codes, you can regenerate a new set at any time from Settings, then Security.

Replacing your authenticator (new phone, new app)

You can swap your MFA device whenever you want, as long as you still have access to the current one. Sign in, go to Settings, then Security, and replace the existing setup. You'll scan a new QR code from the new device.

For security reasons, you can't fully remove MFA from your account once it's set up. You can only replace it. If you lose access to your authenticator and your recovery codes, support has to reset it for you.

image-20260501-162902.png

Dates to know

May 26, 2026: MFA setup becomes available. You can set it up immediately or skip and come back.

July 1, 2026: MFA becomes required. You won't be able to sign in without it after this date.

FAQ

Q: Do I need to pay for anything?

A: No. Every authenticator app listed above is free.

Q: What if I lose my phone AND my recovery codes?

A: Contact support. We can reset MFA on your account so you can set it up again on your new device.

Q: What if I don't have a smartphone?

A: Contact support and we can assist further. 

Q: I sign in with Google or Microsoft. Do I need to do anything?

A: No. SSO users aren't affected.

Q: What about the mobile capture app?

A: You will be requested to sign in and enter your MFA code when you upload to the portal.

Q: Can I use the same authenticator app for multiple accounts?

A: Yes. Most apps support unlimited accounts. Each one shows up as a separate entry with its own rotating code.

Q: How often will I need to enter a code?

A: Every time you sign in with your email and password.

Related articles 

Comments

0 comments

Please sign in to leave a comment.