Experiencing issues with the new Login/Keychain process?

Click here for an update and guidance 

Help centre

Submit a ticket Log in

Multi-factor Authentication (MFA)

OneFile customers can use Multi-factor Authentication for all user accounts. To enable this, reach out to your Onefile Success Manager.

 When MFA is enabled it will apply to all your OneFile users excluding External Verifiers.

When Multi-factor Authentication has been enabled your users can follow the steps below to login to their account(s):

  1. Head over to https://login.onefile.co.uk/
  2. Enter your login details
  3. Install an authenticator app on your phone or tablet such as Google Authenticator
  4. Scan the QR code on screen using your Authenticator app
  5. Enter the code from the Authenticator app
  6. Click Continue 

Unable to scan the QR code or don't have a mobile device?

Don't worry! You can send your access code to your email when setting up MFA by clicking on Having trouble scanning the QR code? Once you have done this, you won’t be given the QR code again.  If you decide that you would like to register a mobile device later, you will need to reset your MFA credentials – see the FAQs below

What is MFA?

MFA or Multi Factor Authentication is a method of verifying a user's identity by requiring them to present two or more pieces of evidence (or "factors") to an authentication mechanism. These factors can include something the user knows (such as a password), something the user has (such as a security token or a smartphone), or something the user is (such as a fingerprint or facial recognition). MFA is used to increase the security of user accounts and protect against unauthorized access.

Who is MFA available for?
MFA is only available when logging in to a Keychain. MFA can be switched on at a customer level. Once it is switched on, it will be active on all centres for that customer, and every user that is part of that centre will need to create a Keychain (if they don’t have one already, if they do they can add the account to the already created keychain, steps to do this can be found here) in order to log in with MFA. If the page states that the invite failed, this is due to there already being a keychain created with that email address, they can reset this by clicking here and entering in their email address.
Can I switch on MFA for individual learners?
No, unfortunately not.  When you switch MFA on, it will be on for all users, across all centres that you have.  This is following best practice directed by NIST and Cyber Essentials that all cloud applications should have two authentication factors from different categories.
What authenticator apps can be used to register?
Any! Examples of which are Google Authenticator and Microsoft Authenticator.
How do I reset my MFA credentials?
Once you are logged in to your Keychain, navigate to Login Settings and select Reset authentication
How do I register a new mobile device with MFA?
You will need to firstly reset your MFA credentials.  Once you have done this, the next time you log in with your Keychain email address and password, you will be taken through the MFA registration process.

Did you find it helpful? Yes No

Send feedback
Sorry we couldn't be helpful. Help us improve this article with your feedback.