Multi-Factor Authentication (MFA): Google Authenticator
As of August 15, 2022: Multi-Factor Authentication (MFA) is required to access the DDSP.
MFA is a separate third-party application “add on” managed by the end-user. Your organization may already have an MFA application they prefer to use, or you may need to download an MFA application to use specifically for the DDSP.
The Joint Commission can offer limited guidance on the three MFA applications listed below.
Google Authenticator for Android and iOS
Microsoft Authenticator for Android and iOS
Authy for Desktop, Android, and iOS
However, please note: Whichever MFA add-on an organization elects to use is at their discretion and should be installed and supported by their own internal IT support. Joint Commission is not able to provide individual/site specific IT support on this topic.
This Help topic will cover Google Authenticator for Android and iOS and uses the Android option as the example.
As with most/all other MFA solutions, Google Authenticator is a third-party application. Additional information about Google Authenticator is available via https://safety.google/authentication/
Your IT department may limit your ability to download from third-party websites; contact your internal IT for assistance.
If you have not previously installed Google Authenticator, follow steps 1-5 below. These steps are also available from Google via their website: https://support.google.com/accounts/answer/1066447?co=GENIE.Platform%3DAndroid&hl=en&oco=0 or skip to step 6 If you have already set up Google Authenticator for other applications.
To download Google Authenticator, select the Google Authenticator app from your App Store.
On your computer, Android or iOS device, got to your Google Account. At the top, tap the Security tab. If at first you don’t get the Security tab, swipe through the available options until you see Security.
Under “Signing into Google,” tap 2-Step Verification. You may need to sign in to your Google account.
Under “Authenticator app,” tap Set Up. On some devices, under “Authenticator app,” tap Get Started.
Follow the on-screen steps.
Set up MFA for the DDSP
6. To enable MFA, log in to the DDSP and navigate to “User Settings” > “Manage Multi-Factor Authentication”:
7. If no MFA has been previously enabled, you will see a message stating, “You do not have Multi-Factor Authentication enabled” and a prompt to “Register Device.”
MFA is specific and applied to each individual user and device, not the HCO or DDSP workspace. If a user has access to multiple workspaces, the MFA applies to all.
8. The platform provides a list of three Authenticators (Google, Microsoft, Authy) but your organization may have additional options, preferences, or MFAs already in place that may be used for the DDSP. Contact your internal IT department for assistance. Click “Continue” to begin registration.
9. You will be prompted with a scan code and a text code. Open the Google Authenticator app on your mobile device. In the Google Authenticator app, select “Scan a QR code.” A scanner will open within the app.
10. Hold your device camera up to the QR code in the DDSP and scan the code. The Authenticator will update, saying “Account added,” and begin to display six-digit verification codes. It produces a new code every 30 seconds. Unlike a password, only someone with access to your phone knows the current code. Enter the six-digit code displayed in Google Authenticator in the “Verification Code” field in the DDSP.
TIP: If the clock shows less than 15 seconds, we suggest waiting for a new code to generate.
11. Select “Verify”; you should see “Multi-factor authentication activated:
12. You will be prompted to enter MFA when logging into the DDSP. When this occurs, click to open the Google Authenticator application on your device, select the DDSP account, then enter the token into the MFA field in the DDSP.