Increase security by having users answer additional verification questions when signing into Avanti. This multi-factor authentication (MFA) works with your employees’ current authentication to help ensure employees are who they say.
Important Information
This only applies if you’ve moved to the latest ASSP.
Before setting up security questions, you’ll need to make some decisions:
How many questions should employees create, and how many must they answer?
Determine whether you’d like employees to create their own questions.
Determine whether you’d like to create the question and what the questions will be.
Decide when employees answer security questions to confirm their identity. You can have them answer questions when:
Signing into the Avanti Desktop, ASSP, and Avanti Go.
Changing their security options in ASSP.
Changing their password on ASSP.
Decide how often users need to answer questions when signing in on their last device and a different device.
Additional Information
Want an even more secure option for MFA? Authenticator Apps have proven to be a more effective security measure. Check out the Multi-Factor Authentication Overview for more information.
How to Set up Multi-Factor Authentication
Step 1: Open Avanti Self-Service Portal Security Settings in the Avanti Desktop and select the Multi-Factor Settings tab.
By default, this can be found in Web Services >> Installation and Maintenance.
Step 2: Select Enable Multi-Factor Authentication.
Step 3: Choose when you’d like employees to answer security questions to confirm their identity.
Multi-Factor Required to Login: Select for employees to answer questions when signing into ASSP, the Avanti Desktop, and Avanti Go.
Multi-Factor Required to Change Security Options: Select for employees to answer questions before changing their ASSP settings.
Multi-Factor Required to Reset Password: Select for employees to answer questions before changing their password on ASSP.
Additional Information
We recommend using MFA in all three of these scenarios.
Step 4: On the Multi-Factor Persistence tab, select Enable Multi-Factor Authentication Persistence if you don’t want your employees to answer questions every time.
Want your employees to answer security questions each time they sign into Avanti? Skip to the How to Setup Security Questions section below.
Additional Information
We recognize employees using the same browser on the same computer who haven’t cleared their cookies.
Step 5: In Days Before Multi-Factor Required, enter the number of days before employees need to answer their security questions again when signing into ASSP.
Additional Information
We’ll recognize employee across all their devices once they first sign with security questions on each device.
For example, if this is seven days and a new employee answers questions to sign into ASSP on their laptop Thursday and on their phone Monday, they won’t need to answer questions again on either device until the following Monday.
Step 6: In Days Before Persistence Expires, enter the number of days before employees need to use MFA to sign into ASSP after they last used it on that device.
Great! You’re now ready to set up security questions.
How to Setup Security Questions
Step 1: Select the Multi-Factor Settings tab, then choose Require Questions for Multi-Factor Setup Option.
Step 2: On the Secret Questions tab, enter the number of questions employees must set up in Minimum Number of Secret Questions.
Step 3: Enter how many questions employees must answer in Number of Questions Asked.
Additional Information
This must be less than the Minimum Number of Secret Questions.
Step 4: Select Allow Custom Secret Questions to allow employees to create their own security questions.
Step 5: If you’re creating security questions for your employees to answer, skip to How to Create a List of Security Questions. Otherwise, go to Step 6.
Additional Information
If you don’t select Allow Custom Secret Questions, you need to create a list of questions for your employees.
Step 6: Select OK to save your changes.
Great! You’re all done. Next time your employees sign in, we’ll guide them through creating their questions.
Additional Information
Are you using Microsoft Single Sign-On with Azure’s MFA to authenticate some of your employees? Prevent these employees from having to enter their MFA info twice by disabling Avanti’s MFA for them. Go to Disable Avanti MFA When Using Microsoft Sign-On for more information.
How to Set up the List of Security Questions
Make security questions easier for your employees to create by including a list of questions for them to choose from.
Additional Information
If you didn’t select Allow Custom Secret Questions, you need to create a list of questions for your employees.
Step 1: Select Insert.
Step 2: Enter the English version in Question and the French version in French Question.
Step 3: Select which order the question appears in by adjusting the Sort Order, then select OK.
Step 4: Repeat Steps 1 to 3 for each question you’d like included in the list.
Step 5: Select OK to save your changes.
Well done! The next time your employees sign in, we’ll guide them through setting up security questions.
Are you using Microsoft Single Sign-On with Azure's MFA to authenticate some of your employees? Prevent these employees from having to enter their MFA info twice by disabling Avanti’s MFA for them. Go to Disable Avanti MFA When Using Microsoft Sign-On for more information.