Applies to: Sophos Home Premium
- What is MFA
- Setting up MFA
- Signing in to MFA enabled accounts
- Email alerts from MFA
- Forget devices from MFA access
What is Multi-Factor Authentication/MFA?
Multi-factor authentication (MFA) is a feature that increases the Sophos Home accounts’ security by adding an extra layer of verification when logging in.
Setting it up requires an Authenticator app (such as Sophos Authenticator, Google Authenticator, Microsoft Authenticator…etc..), and a recovery method such as secondary email or mobile number.
Instructions
To enable MFA for your Sophos Home account, please follow these steps:
1- Log in to your Sophos Home Dashboard
2- Click on your email address at the top right of the screen and choose My Account :
3- Enter your Sophos Home account password and click Unlock :
4 -Find the Multi-Factor authentication slider
5 -Click on the slider to enable Multi-Factor Authentication, and follow the on-screen prompts
Note: You will need to use a third party Authenticator ready in order to set up MFA.
6 -Scan the QR Code with your Authenticator, or choose Can’t scan the code, to get a key you can copy-paste onto your Authenticator.
7-After entering the code and clicking Continue, choose your recovery method (Email or mobile phone) and send the verification to receive one last code.
Note: you need to add at least 1 recovery method (either email or mobile number). A secondary method can be added at a later time via the Multi-Factor section in the Security page.
Note 2: If using a recovery email, please use a different one than your Sophos Home account email address.
8 -After entering the code sent to the recovery method, MFA will become enabled
9- IMPORTANT: After having set up MFA, we recommend to add at least 1 system to Direct Access for recovery purposes. Please see: Enabling Direct Access
Signing in to a Multi-Factor enabled Sophos Home account:
1- Log in to your Sophos Home Dashboard
2 -After enter your Sophos Home credentials, you’ll be presented with the MFA verification step:
3 -Use your Authenticator to generate a code and sign in.
Note: You may select the checkbox to remember the computer for 30 days, in which case you will not be prompted to enter the verification code on that browser for a month.
MFA Email notifications
Users will receive an email when MFA is enabled:
Subject: Sophos Home – Multi- Factor Authentication enabled
New sign ins to the Dashboard will trigger Sign in emails:
(User receives an email when logging in from a new device or different country)
Subject: Sophos Home – New sign in
Users receive an email when they modify /add a new recovery method
Subject: Sophos Home – Multi- Factor Authentication updated
Forget devices from MFA access
When logging in using MFA, users may choose to remember their device/browser for 30 days.
You may Sign out all authenticated devices to forget the 30 days, by clicking the Forget Devices button:
After performing that action, the devices will need to re-enter the MFA code in order to access the dashboard again via web browser.