Athena Multi Factor Authentication (MFA) Set up
Multi-Factor Authentication is now required to access AthenaOne. Upon signing in on Wednesday, February 12th, you will be presented with the following screen:
Please set up your preferred method for multifactor authentication. The below Chart covers the different options, and guides for setting each of them up are included should you run into any issues.
MFA for athenaOne supports four authentication methods in addition to a user’s password:
Authentication Factor
How It Works
Option 1 (Preferred):
Okta Verify App
Use the Okta Verify mobile app (available on iOS and Android devices) to receive a one-time passcode or push notification. As with other authenticator apps, users are free to use Okta Verify regardless of whether your organization has a contractual relationship with Okta. You can only receive your code or notification to the device(s) on which you first set up Okta Verify.
Option 2:
Authenticator App (TOTP)
Use a time-based one-time passcode (TOTP) from an authenticator app (e.g., Google Authenticator, Microsoft Authenticator, Duo Mobile). Users can freely download and set up any mobile or desktop app using the TOTP standard with this authentication method. There is no requirement that your organization must have a contractual relationship with the app developer, but you also cannot restrict users to a particular app (although for familiarity, they may prefer to use an app already deployed by your organization).
Option 3:
Text Message (SMS)
Receive a text with a one-time passcode to a mobile phone or VoIP number.
Option 4:
Voice Call
Receive a call with a one-time passcode to a mobile phone, landline, or VoIP number.
Option 1 - Set Up the OKTA Verify App:
Following are the steps that you will perform to set up Okta Verify as an additional authentication method for athenaOne login:
- On the setup page, click Set Up below the Okta Verify App option.
- Select the type of device – iOS or Android – on which you will install and use the Okta Verify app for additional authentication, then click Next. To set up a different authentication method instead, click Choose a different security method.
- Follow the onscreen instructions to open the Okta Verify app (you will need to download the app if you have not done so in the previous step) and scan the QR code with your mobile device’s camera.
- If you can’t scan a QR code or your device does not have a camera, click Can’t scan? below the QR code to finish Okta Verify setup another way.
- To set up Okta Verify using the QR code, open the Okta Verify app on your mobile device, tap Add Account, choose Other as your account type, and then tap Yes, Ready to Scan to open your device’s camera to scan the QR code. When your device recognizes the QR code, it will automatically show the account as added in both the Okta Verify app and the device on which you are logging in to athenaOne.
On your mobile device:
On the device from which you are logging in to athenaOne:
The above image will briefly display to indicate the Okta Verify app has been activated on your device and your authentication method setup is complete.
- If you instead clicked Can’t scan? to activate Okta Verify on your mobile device without a QR code, select from the Setup Options drop-down menu to choose your method, complete any required fields, then click Send; a link will be sent by the chosen method to your mobile device. Tap the link to automatically open and activate the Okta Verify app, to complete your factor setup.
On the device from which you are logging in to athenaOne:
On your mobile device:
Option 2 - Set Up any Authenticator App (TOTP):
Following are the steps that you will perform to set up a time-based one-time passcode (TOTP) authenticator app as an additional authentication method for athenaOne login:
- On the setup page, click Set Up below the time-based Authenticator App option. Follow the onscreen instructions to open the Authenticator App (TOTP) (you will need to download an authenticator app if you have not done so in the previous step) and scan the QR code with your device’s camera. If you can’t scan a QR code or your device does not have a camera, click Can’t scan? below the QR code to complete setup another way. To set up a different authentication method instead, click Choose a different security option.
- To set up authenticator app (TOTP):
- Using the QR code - open the authenticator app on your desktop or mobile device. While many apps are compatible with this TOTP method, the following screens use Google Authenticator as an example. When prompted to add an account, tap Scan a QR code to open your device’s camera to scan the QR code. When your device recognizes the QR code, it will automatically show the account as added in the Authenticator app.
- If you instead clicked Can’t scan? to activate your authenticator app on a desktop or mobile device without a QR code, you are presented with a setup key. Open the authenticator app on your desktop or mobile device and when prompted to add an account, tap Enter a setup key. Enter a label of your choice (e.g., “athenaOne”) in the Account field, and enter the setup key in the Key field. The setup key is not case-sensitive, so you can ignore capitalization. Tap Add to show your account as added in the Authenticator app.
In the authenticator app on your desktop or mobile device:
On the device from which you’re logging in to athenaOne:
3. On the device on which you are logging in to athenaOne, click Next. A field will appear to input the one-time code generated by your authenticator app. You must be quick to input this code on the device on which you’re logging in to athenaOne. Enter a valid code in the Enter Code field and click Verify to complete setup.
Option 3 - Set Up SMS Authentication:
Following are the steps that you will perform to set up text messaging as your additional authentication method for athenaOne login:
- On the setup page, click Set Up below the Text Message (SMS) option.
- Select the country code and enter the number in the Phone number field of the mobile phone you would like to use as your additional authentication method.
- Click Send Code to send a text message with a one-time code to your phone number.
- To set up a different factor instead, click Choose a different method.
- Open the text message with your one-time code on your mobile phone, then enter this code in the Enter Code field and click Verify. If the code is valid, your setup is complete. If after a minute you have not received a text message with your one-time code, you will see a prompt to click Re-Send Code to receive a new one.
Option 4 - Set Up Voicecall Authentication:
Following are the steps that you will perform to set up a phone call as your additional authentication method for athenaOne login:
- On the setup page, click Set Up below the Voice Call Authentication option.
- Select the country code and enter the number in the Phone number field of the mobile phone or landline you would like to use as your additional authentication factor
- If your phone number has an extension, you can provide it in the Extension field.
- Click Send Code to receive a phone call with a one-time code.
- To set up a different authentication method instead, click Choose a different method.
- Answer the phone call and listen for the one-time passcode. If you do not answer this call, you will receive a voicemail with the code instead. Enter this code in the Enter Code field and click Verify. If the code is valid, your authentication is complete, and you will be automatically redirected into athenaOne. If after a minute you have not received a phone call with your one-time code, you will see a prompt to click Redial to receive a new one.
