As part of Big Tomato Tech's ongoing commitment to keeping your account secure, we are implementing MFA across our WordPress networks. This article will walk you through what MFA is, why we are introducing it, and the options available to you for setting it up.




What is MFA?

Multi-Factor Authentication (MFA) is an additional layer of security designed to ensure that you’re the only person who can access your account, even if someone else knows your password. With MFA, you must provide two or more forms of verification before access to your account is granted.

These verification methods include:

  1. Something you know (your password).
  2. Something you have (a mobile device or backup codes).
  3. Something you are (biometric verification like fingerprints, though this is not required for our setup).

In our system, you will use your password as the first factor, and then choose one of the following for your second factor:

  • A code generated by a mobile authenticator app.
  • A one-time password (OTP) sent to your email.
  • Backup codes that you can download and use if you lose access to your primary method.

Why is MFA Being Implemented?

The primary reason we are implementing MFA is to enhance the security of your account and our entire system. Passwords alone are often not enough to keep your account safe from hackers. They can be stolen, guessed, or even phished. MFA significantly reduces the risk of unauthorized access by requiring a second form of verification that only you have access to.

With MFA enabled, even if someone obtains your password, they won’t be able to log in to your account without the additional factor of authentication. This helps protect sensitive information, ensures the integrity of our network, and gives you peace of mind knowing your account is secure.

Overview of the MFA Process and Options Available

We’ve made setting up MFA as straightforward as possible. Here’s what you can expect and the options available:


Step 1: Log In to Your Account

When you next log in to your account, you’ll be prompted to set up MFA. You’ll be guided through the process, which should only take a few minutes.

 


Step 2: Choose Your Authentication Method

You can choose one or more of the following methods for your second factor:

  1. Mobile Authenticator App

    • What It Is: This method uses a free app on your smartphone, like Google Authenticator or Authy, to generate a time-based code.
    • How It Works: After entering your password, you’ll be prompted to enter a code from the authenticator app. The code changes every 30 seconds, ensuring that only someone with access to your phone can log in.
    • Setup: You’ll be provided with a QR code to scan with your app, or a key to manually enter if scanning isn’t possible.
    • Complete Instructions for Setting Up a Mobile Authenticator App
  2. Email One-Time Password (OTP)

    • What It Is: With this method, a one-time password will be sent to your email every time you log in.
    • How It Works: After entering your password, you’ll receive an email with a unique code. Enter that code on the login screen to access your account.
    • Setup: You simply need to verify your email address during the setup process.
    • Complete Instructions for Setting Up Email OTP 
  3. Backup Codes

    • What It Is: Backup codes are a set of one-time-use codes that you can use if you lose access to your primary MFA method (e.g., your phone is lost or stolen).
    • How It Works: You can use a backup code in place of your usual second factor. Once used, a backup code cannot be reused.
    • Setup: You’ll be prompted to download these codes during the MFA setup. Store them in a secure place, like a password manager, for emergency use.
    • Complete Instructions for Setting Up Backup Codes
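
How the authenticator-app code described above is derived from the key in the QR code and the current time, as an added example (not Big Tomato Tech's code or configuration). It assumes standard RFC 6238 TOTP with HMAC-SHA1 and six digits, which is what Google Authenticator and Authy generate by default; the drift window and the replay check are illustrative assumptions, and DEMO_SECRET is the published RFC 6238 test key.

```python
import base64
import hashlib
import hmac
import struct

STEP = 30  # seconds; the article states the code changes every 30 seconds
# Constructed sample: RFC 6238 test key "12345678901234567890", base32-encoded
DEMO_SECRET = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"


def totp(secret_b32: str, at: float, digits: int = 6) -> str:
    """Code for the 30-second step containing Unix time `at` (RFC 6238, SHA-1)."""
    s = secret_b32.replace(" ", "").upper()
    key = base64.b32decode(s + "=" * (-len(s) % 8))
    counter = int(at // STEP)
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def verify(secret_b32, code, at, window=1, last_used_counter=None):
    """Server side: return the matching step counter, or None.

    Accepts +/- `window` steps to tolerate phone clock drift (assumed policy)
    and refuses any step at or before the last one accepted, so a code that
    was observed once cannot be replayed inside its validity period.
    """
    now = int(at // STEP)
    for c in range(max(0, now - window), now + window + 1):
        if last_used_counter is not None and c <= last_used_counter:
            continue
        # Constant-time comparison avoids leaking how many digits matched
        if hmac.compare_digest(totp(secret_b32, c * STEP), code):
            return c
    return None


if __name__ == "__main__":
    t = 59  # RFC 6238 test time
    code = totp(DEMO_SECRET, t)
    print("code at t=59:", code)
    used = verify(DEMO_SECRET, code, t)
    print("accepted at step:", used)
    print("replay:", verify(DEMO_SECRET, code, t, window=0, last_used_counter=used))
```

Both sides compute the same value independently, so nothing secret crosses the network at login; the key shown in the QR code is the only thing that has to stay private.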



Step 3: Set Up and Test

Once you’ve chosen your method, follow the on-screen instructions to complete the setup. You’ll be prompted to test the method to ensure everything is working correctly.



Step 4: Complete Your Login

After setting up MFA, you’ll complete your login using the method you chose. From then on, each time you log in, you’ll need to enter your password and then use your selected MFA method to verify your identity.


Conclusion

Implementing MFA is a simple but powerful way to protect your account. We’re here to help make this transition as smooth as possible. If you have any questions or encounter any issues, don’t hesitate to reach out to our support team or consult our detailed help desk articles.

Thank you for taking this important step toward securing your account and helping us protect the entire network!