This article covers configuring multi-factor authentication (MFA) for individual user accounts. For information on configuring MFA on the Aeon Server, see Logging into the Aeon Web Client.
By default, the Aeon Web Client will enforce multi-factor authentication (MFA) for all staff user accounts to provide an extra layer of security for logins to the web client application. On your first login, you will be required to configure MFA for your account using a third-party authentication application such as Microsoft Authenticator. After this configuration is completed, you will need to enter a 6-digit one-time password (OTP) generated by the connected authentication application along with your username and password each time you log in.
Configuring MFA for a Staff Account | Resetting the MFA Configuration for a Staff Account
Officially Supported Authentication Applications
The following third-party authentication applications have been officially tested and are confirmed to be supported for use with the Aeon Web Client:
- Microsoft Authenticator (mobile application)
- Google Authenticator (mobile application):
- Twilio Authy (mobile application)
- 1Password (mobile or desktop application) - subscription required
Other authentication applications offering time-based one-time passwords (TOTPs) not listed above may also work with the Aeon Web Client, however, as these applications have not been officially tested, support cannot be guaranteed.
Known Issue Affecting Aeon Logo Used in Microsoft Authenticator and Twilio Authy Applications
Due to an issue with the Microsoft Authenticator and Twilio Authy applications, an incorrect logo image for Aeon.com may display next to entries configured for the Aeon Web Client:
This issue only affects the logo displayed for these entries and has no effect on the behavior of the application. The codes generated by these entries will work for the Aeon Web Client and no data of any kind will be sent to Aeon.com.
Configuring MFA for Your Account
Upon your first login to the Aeon Web Client, you will be prompted to configure multi-factor authentication for your Aeon account. Follow the steps below to complete this process:
- Enter the username and password for your staff account into the Aeon Web Client login screen and click Logon.
-
The Multi-Factor Authentication Setup screen will appear. Use your authentication application to either scan the QR code or copy and paste the Manual Entry Key into your authentication application to create an entry for Aeon in the application.
Please refer to your authentication application's documentation for detailed instructions on this process. - Enter the one-time password (OTP) generated by your authentication application for Aeon into the Authentication Code field on the Multi-Factor Authentication Setup screen.
- Click Submit.
- MFA is now configured for your Aeon account and you will be logged into the Aeon Web Client.
Please see Troubleshooting Issues Configuring MFA for Staff Accounts After Web Client Installation if you are experiencing issues completing the MFA configuration process for staff accounts after the Aeon 6.0 update.
You will need to enter the OTP generated by your connected authentication application along with your Aeon username and password on all subsequent logins to the Aeon Web Client. If you lose access to the authentication application connected to your account or need to change your MFA configuration, your configuration must be reset by an Aeon administrator to allow you to re-complete the setup process above using the new authentication application.
Resetting the MFA Configuration for an Account
Aeon administrators can reset the MFA configuration for a staff account using the Staff Administration page in the Aeon Web Client. Resetting a user's MFA configuration will allow them to re-complete the MFA setup process above in the case that they lose access to the authentication application connected with their Aeon account or need to change this configuration for any other reason.
Aeon administrators should see Managing Staff Accounts and Web Client Layouts Using the Staff Administration Page for instructions on this process.