Overview
What is Multi-Factor Authentication (MFA)?
Your security is a top priority here at Heartland. With this in mind, we have added Multi-Factor Authentication to the Admin Console and Mobile Manager app. MFA requires you to verify your identity when logging in to ensure that you, and only you, can access your account.
What are my MFA options?
- An authenticator app installed on your device
- Text message (SMS) to your mobile phone
Please note: For new users, when you log in for the first time with your temporary password, the system will prompt you to change your password and then confirm it. Then, to confirm your identity, the system will email you a one-time password (OTP) and display a screen to enter the OTP.
How to set up Multi-Factor Authentication
After logging in, select your preferred MFA method, tap Continue, and follow the on-screen instructions.
Authenticator App
Available apps include Google Authenticator, Authy, or Microsoft Authenticator. Click the link to install the app.
Text (SMS)
Enable this option to receive a code via text to your mobile phone.
Frequently Asked Questions
How do I modify or clear my MFA factors if I lose access to my authentication method?
To preserve the security of the accounts, users do not have access to modify or clear their own MFA factors in the event of a lost device. Should you need to do so, please reach out to our team for assistance at hmm.mfa@heartland.us.
Can I enroll in both the authenticator app and text message?
No, users may only enroll in one authentication factor at this time. If you need to change the factor you are enrolled in, please see above FAQ regarding modification or resetting of user factors
Do I have to authenticate at every login?
No, you may click “Don’t ask me again for 45 days on this browser” to require authentication only every 45 days. Please note that this feature is browser and device specific so, if you attempt to log in via a different browser or device, you will be prompted again. Also this feature does not function if you are utilizing incognito mode.
What happens if the user cancels during the factor enrollment process?
The user will be sent back to the application and receive an authentication failure notification. Upon any subsequent attempts to re-complete the enrollment process, the user will return to the beginning of the process to start over.
What do I do if I don't receive my authentication code with text message authentication?
Click “Resend” to have another code sent to your mobile device. If you still don't receive the code, confirm the provided information is correct and try again. If the issue persists, contact your POS Dealer or hmm.mfa@heartland.us.
Are there any other factors available to authenticate with other than the authenticator app and text message?
Currently the only supported authentication factors are text message and authenticator app. Other factors, such as voice, may be added at a later time.
What if I don't have a cell phone?
Users can opt for the Authenticator app and leverage the Authy desktop application.
What if the user doesn't want to provide their phone number for authentication?
Users can opt for the Authenticator app and leverage the Authy desktop application.
Is there a maximum number of login attempts before a user is locked out of their account?
Yes, after six (6) failed attempts to enter their email address and password at the first login screen, the user’s account will be locked. The user’s account will automatically unlock after 30 minutes of idle time, or can be more quickly unlocked by the user clicking “Forgot Password”.
Why isn't my “remember me for 45 days” working?
Because this function relies on cookies, if your browser is not set up to accept cookies, you may need to enable this. It could also be because you are logging in from a different browser, different device, etc and the “remember me” feature is device/browser specific.
If you require further assistance or would like additional information, please reach out to your POS Dealer or hmm.mfa@heartland.us.