Authenticate Via Code
Got passwords? Us too! To help track, remember, and correctly enter all those passwords, we have the solution: authentication via code. Authenticating via code is a secure and alternative method to log in "on demand" without the need to remember or reset your passwords.
- Authenticating via code is an all-or-nothing proposition. It's either on for everyone or off for everyone.
- Users cannot authenticate via code if they use a shared email address or shared phone number.
- If you've enabled multi-factor authentication (MFA), the user receives a second code when it's multi-factor time.
- If a code is expired or entered incorrectly, the User may try again and can request a new code.
User Walkthrough
If you enable authentication via code, your Users experience a familiar multi-factor authentication flow:
- On the login screen, they can receive send a code rather than entering their username and password.
- During this process, they can select Keep me logged in on this device.
- When they click Get One-time Code, the system asks them whether they'd like to receive their code by email or text message.Note: If SMS isn't configured for your Domain, the text option doesn't display.
- Within fifteen seconds of the request, the user receives a six-digit code to their selected method.Note: The Platform sends messages and logs them in the Message Log.
- On the login screen, they'll enter their code in the corresponding text box. A ten-minute countdown clock displays to indicate when their code will expire.
Configuration
MinistryPlatform uses Google reCAPTCHA to protect this process from bots and automated attacks.
Like all things related to login, you must configure your Domain record for authentication via code. There, you must add a reCAPTCHA Site Key and reCAPTCHA Key Secret.
Generate reCAPTCHA Site Key & Secret
Create a "Classic reCAPTCHA key", not "Enterprise". If you see a message about Enterprise at the top of your screen, click Switch to create a classic key. Your options should look like this:
After saving, the reCAPTCHA Site Key and reCAPTCHA Key Secret generates so you can copy and paste them into your Domain record.
Configure Authenticate via Code in the Platform
- Go to .
- Click Edit Record.
- Set Auth Code Enabled to Yes.
- Copy and paste the reCAPTCHA Site Key into the reCAPTCHA Site Key field.
- Copy and paste the reCAPTCHA Key Secret into the reCAPTCHA Key Secret field.
- To send the code through text, confirm that you configured the SMS fields.
- Click Save.