Improve the security of the your PX360 desktop account by enabling Multi-Factor Authentication. This ensures an additional layer of protection for a more secure log in experience.
Included in this guide:
Setting Up Multi-Factor Authentication
Multi-factor Authentication works by sending an OTP (One-Time Password) to the mobile number or email linked to the account.
When logging in and your mobile number is not yet verified, you will be prompted at login to enter your mobile number for the verification.
Clicking the Set Up Later button lets you bypass this process, but you'll be prompted to complete it every time you log in. We recommend this is turned on the first time for additional security to your login.
Entering your mobile number and clicking the Send Code button directs you to the screen for entering the OTP sent to your enrolled mobile number. Your mobile number will then receive an OTP that you need to enter.
Upon successful verification, you will be redirected to the PX360 Dashboard. You will continue to receive OTP via the mobile number for the instances cited below:
Logging in with a different device
Extended logout duration
Web browser update
Change in browser
Note: OTP via SMS is typically delivered within 60 seconds. If needed, you can request a new OTP every 2 minutes. Each OTP remains valid for 10 minutes, after which a new one must be requested.
On top of that, if you make three unsuccessful OTP entry attempts, your account will be temporarily blocked for 30 minutes. During this period, login access will be restricted on all browsers.
Enabling Multi-Factor Authentication for Email
Similar to how you setup Multi-Factor Authentication with your mobile, you need to verify the email address linked to your PX360 account before you can use it.
You can do this by heading to the User Management tab and tapping the Pencil button of the account that you want the Multi-Factor Authentication enabled.
Once you are in the Edit User Details page, a checkmark icon will be visible if the email is verified. Otherwise, click the Verify button and enter the OTP sent to entered email address.
If you enable the Multi-Factor Authentication via email, you will receive an OTP every time that you login.
Once you are done configuring your Multi-Factor Authentication, an OTP will be sent to your preferred option (Email/Mobile/Both).
Note: An admin can create a new account for another admin user, but they won't have the capability to verify it. However, as soon as the new user logs in, they will be prompted to verify both the phone number and email address before being able to enable MFA.
Changing Mobile Number/ Email Address
Please follow these steps when changing the phone number linked to your account to avoid any disruptions:
Go to the User Management Settings and select the account that you need to update by tapping the pencil icon on the far right side.
On the Edit User Details page, you have the option to update your linked mobile number or email address. Be sure to tap the 'Click to Verify' after making entering the new mobile number/email address and enter the OTP sent; otherwise, Multi-Factor Authentication will be automatically disabled.
Disabling Multi-Factor Authentication
Multi-Factor Authentication can be turned off by unticking the checkbox in the Edit User Details page although this action is not recommended for security reasons.
Troubleshooting
If you're unable to receive an OTP via SMS, please the following steps:
Verify that you entered the correct mobile number (applicable during setup/mobile number update).
Ensure that you are in an area with strong telecommunications service.
In areas with weaker coverage, please wait for up to 90 seconds before resending another OTP.
If you're unable to receive an OTP via email,:
Check your spam and junk folder as the OTP as it may have been filtered there.
To ensure that you receive the OTP, consider adding noreply@px360.com.au to your email whitelist. The exact steps may vary slightly depending on your email provider but the general idea is not to designate the email containing the OTP as spam.