What Is Changing?
- Multi-Factor Authentication (MFA, also known as Two-Factor Authentication or 2FA) will be enabled on ALL Formstack accounts as of June 14. The only authentication options offered require a mobile device and will either use SMS (text-message) or an authenticator app. The multi-factor authentication process will happen at every log in.
- Additionally – shared “generic” logins such as officename@santarosa.edu will be eliminated because authentication would be tied to a single individual’s device, and would require that person’s availability at every log in. Read on for details. NO DATA WILL BE DELETED.
Who Does This Effect?
Formstack now requires ALL users to enable MFA.
All users currently using a shared account to log into Formstack will need to request an individual account. Contact the web team for assistance, cc’ing your supervisor.
Why Is This Change Happening?
Formstack is enhancing their security. Multi-Factor Authentication can protect accounts from unauthorized access, even if your password has been compromised.
When Do I Have to Make the Change?
On or after June 14, log into Formstack as usual, at which point you will be guided through the set-up process.
If you are not already familiar with using authentication apps, then we recommend that you select the SMS/text message option. If you work remotely using the District Global Protect VPN and/or VMWare Horizon, then you are already familiar with the SMS authentication method.
How Do I Set Up Two-Factor Authentication?
- To Set Up MFA Using SMS (Recommended)
After entering your username and password, you will be asked to set up MFA. A modal (pop-up) should appear (if it does not appear, scroll down for alternate instructions):
Click the ‘Authenticate via SMS link at the bottom of the setup modal. Then, enter your phone number.
When you click “Next”, a text message will be sent to the phone number you entered with a 6-digit code. Enter that code into the modal and click ‘Verify code’.
If you do not receive a text message within a minute, click the ‘Resend code’ link as shown below.
The setup process is complete once you’ve verified the code.
If you do not see the modal, or have already clicked away from it, users can also navigate to the Admin page by clicking on their name in the app header and selecting ‘Update Your Profile’:
Next, From the “Your Profile” page and scroll down to the “Profile security” section. From there, select toggle Two-factor authentication on.
- To Set Up MFA/2FA Using an Authenticator App (Advanced Users)
If you do not see the modal, or have already clicked away from it, users can also navigate to the Admin page by clicking on their name in the app header and selecting ‘Update Your Profile’:
Next, From the “Your Profile” page and scroll down to the “Profile security” section. From there, select toggle Two-factor authentication on.
Next, follow the directions on the screen to set up MFA with an authenticator app.
- Choosing an Authenticator App
You can set up MFA using a variety of authenticator apps. We would recommend:
- Google Authenticator (Android/iPhone/BlackBerry)
- Microsoft Authenticator (Windows Phone)
Once you’ve downloaded the app to your device, open the app and scan the provided QR code when directed.
Note: If the QR code is not accepted by your app, you can produce a shared key by clicking on the link next to the QR code and type the code manually into the app instead.
Finally, enter the authentication code generated by the app and click "Verify code."
Once the code is successfully verified, the setup process is complete.
IMPORTANT NOTE:
You may see multiple access codes if you are already using an authenticator app for another program. In the screenshot below, the bottom code would be the correct one to use for Formstack’s MFA, indicated by the identity name “admin.formstack.com.”
