MFA on Shared Devices

 Back Top Prev Next Print

There are three options for setting up MFA on shared workstations. The simplest method is using a FIDO2 security key, such as a YubiKey.

 

hmtoggle_arrow1FIDO2 Security Key

Use a physical FIDO2 security key (eg. YubiKey) that plugs directly into the workstation's USB port. This allows secure and quick access without requiring a phone or app. See here for instructions.

 

hmtoggle_arrow1Microsoft Authenticator

You can link up to five Microsoft Authenticator devices to a shared account, allowing multiple users to access the MFA prompt via their own mobile device. 

1.Log in to your Microsoft account using the shared Jim2Cloud account.

2.Select Security info.

secinfo

3.Select + Add sign-in method.

addsignin

4.Choose Microsoft Authenticator from the list.

authenticator

5.Follow the prompts to configure the account on the Microsoft Authenticator app on your mobile device

authenticator1

6.Open the app on your phone and tap + at top right to add a new account.

Choose Work or school account, then scan the QR code shown on your screen.

authenticator2

7.Scan the QR code using the Microsoft Authenticator app on your mobile device. Then click Next.

authenticator3

8.Approve the test notification sent to your device.

 authenticator4

 authenticator5

 

Repeat Steps 3 to 8 on each device you want to add (up to a maximum of 5).

 

Each device will receive MFA notifications each time an MFA prompt is made (currently every 30 days).

 

hmtoggle_arrow1Software OATH Token

You can set up an OATH token in a shared password manager (eg. 1Password, Bitwarden, Dashlane, KeePass).

 

This allows multiple authorised users to access the One-Time Password (OTP) when prompted for MFA.

1.Log in to your Microsoft account using the shared Jim2Cloud account.

2.Select Security info.

secinfo

3.Select + Add sign-in method.

addsignin

4.Choose Microsoft Authenticator from the list.

authenticator

5.Select I want to use a different authenticator app.

oauth1

6.Open your password manager and choose to add a new 2FA entry or scan a QR code.

7.Scan the QR code shown on the Microsoft screen using your password manager.

8.Back on the Microsoft screen, enter the 6-digit code generated by your password manager to verify and complete the setup.

 

Now that setup is complete, any user with access to the shared password manager can use the OTP to approve MFA prompts when logging in from the shared workstation.

 

warning1

Ensure access to the password manager is restricted to only authorised users.

 

Further information

Jim2Cloud Technical Requirements

Jim2Cloud Status

Jim2Cloud_WindowsApp_Information

Jim2Cloud Setup and Access for PC

Jim2Cloud Setup and Access for MAC OS

Jim2Cloud Access for Android

Jim2Cloud Access for iOS

Yubikey or FIDO2 Security Key Setup

Jim2Cloud Troubleshooting

Add and Link to On Premises Document

Add a Document Within Jim2Cloud

Import Files from Your PC to Jim2Cloud

Open or Save Files from Jim2Cloud

Set up Jim2 Mobile for Jim2Cloud

Set up Printer for Jim2Cloud

Tyro EFTPOS Integration in Jim2Cloud