Set up multi-factor authentication (MFA)

Updated

Overview

Sumday requires all users to set up multi-factor authentication (MFA). This adds an extra layer of security by asking for a time-based code from an authenticator app whenever you log in.

This article walks you through how to complete MFA setup.

Note: Users who log in to Sumday via the Xero or Single Sign-On options will be taken through the MFA process of those providers. 

Before you begin

Make sure you have the following:

  • Access to Sumday via a web browser
  • Your Sumday login credentials
  • A smartphone or device with an authenticator app installed
    (e.g. Google Authenticator, Microsoft Authenticator, Authy, 1Password)

Setting up MFA at sign-in

These steps are for users who are creating a new Sumday account or logging in and being prompted to set up MFA for the first time. 

  1. From the Sumday homepage, create an account or login in with your Sumday email and password.
  2. Once you've created an account or logged in, you will be prompted with a “Secure your account” screen with a QR code.
  3. Open your chosen authenticator app and add a new account for your Sumday MFA process by:
    • Tapping “+”, or a QR code icon, or "Add Account" (this varies by app)
    • Choosing “Scan a QR code” or “Enter a setup key manually”
  4. Scan the QR code displayed on the Sumday screen.
    • If you can’t scan the code, click “Trouble scanning?” to reveal the manual setup key.
  5. After adding the Sumday account to your authenticator app, a 6-digit code will appear.
  6. Return to Sumday, enter the code in the “Enter your one-time code” field, then click Continue.
  7. MFA will now be set up for all future logins. You will be asked for a one-time passcode from your authenticator app each time you log in. You can choose to be remembered for 30 days on trusted devices.

Troubleshooting MFA

The QR code doesn't work

Try the following steps:

  • Make sure you’re scanning within your authenticator app, not your phone’s regular camera.
  • Try re-scanning the code.
  • Click “Enter a setup key manually” to input the key instead.
  • Check your internet connection.
  • Refresh the browser or restart the MFA setup flow.

I changed my phone or device

If you've changed to a new device and no longer have access to your authenticator app:

  1. Contact support@sumday.io and ask for an MFA reset.
  2. Log in again, and you’ll be prompted to set up MFA where you can use your new device.

I can't locate Sumday in my authenticator apps

If you’re unsure which app you used to initially set up MFA for Sumday, or can’t find a Sumday entry in your apps:

  • Contact support@sumday.io to request an MFA reset.
  • After it’s reset, you will be taken through MFA set up when you next log in.
  • If you later find the old Sumday MFA account in your app, we recommend deleting this as the one time passcodes won't be related to your Sumday login anymore. Only the new account will provide the correct code. 

 

Was this article helpful?
0 out of 1 found this helpful