Multi-factor authentication (MFA)
Multi-factor authentication (MFA) adds an extra layer of security during a login process by requiring a second factor in addition to the standard combination of username and password. MFA can be activated on Opendatasoft to help protect user accounts—and the data in the portals they have access to—even if their password is compromised.
Opendatasoft requires you to use a time-based one-time password app (TOTP) that provides a six-digit code that changes every 30 seconds. Common apps are Google or Microsoft Authenticator, Duo Mobile, Authy, FreeOTP, or else most password managers can also handle authentication for you.
Compatible apps exist on both mobile and desktop. See Wikipedia's "Comparison of OTP applications" for ideas of which app to use.
I'm a user
Some administrators may choose to require you to use MFA on your account before being given access to their portals.
If you request access to such a portal and are accepted, you will be prompted to set up MFA the first time you log in. If you had access to the portal before its admin decided to enforce the use of MFA, you will be prompted to set it up the next time you log in.
When prompted to set up MFA in Opendatasoft:
Remember that you can use the authentication app of your choice, be it on mobile or on desktop. Download the app and open it.
Using the app you've chosen, Scan the barcode or click Use setup key to obtain the code for the app you've chosen. Each app works a little differently, so you may need to consult the app's instructions or online help to walk you through the process.
In the Opendatasoft setup, where indicated, enter the one-time code from your MFA app.
Give the setup a name so you can easily recognize it in the app.
Click Submit.
And that's it! Just remember that the next time you log in, you'll need to provide the MFA code from your app.
Setting up MFA on your own
You can also set up MFA on your account independently.
Go to your account page, click on the Security tab, then click on Set up and follow the same process as described above.
Managing your MFA methods
To manage your methods, go to your account page, then to the Security tab.
Click on the pencil icon to edit your methods. There you can click Add app to add additional methods, and click on the trash can icon to delete existing methods.
I'm an admin
As an admin, if you would like to force your users to use MFA on your portal, first go to Access > Security.
There you can choose to enforce MFA access for all users, or only for users with access to your portal's back office. Toggle the choice you need, and the next time those users log in they will be prompted to use MFA.