OneAdvanced Identity and MFA FAQs
What is SSO?
Single Sign-on (SSO) is a user authentication method that makes it easy to centrally manage application access and enables users to securely authenticate with multiple applications by using just one set of credentials. SSO not only makes it easy to centrally manage access to multiple applications or user accounts, but it also enables users to sign into a user portal with their existing corporate credentials and access all their assigned accounts and applications from one place.
Some of our products (like Care Cloud, oneAdvanced Financials and oneAdvanced HR) have SSO already and we are now looking to roll it out to Legal Forms customers.
You can read more about SSO, MFA and why it's important in our short explainer.
Login details
I've forgotten my username
Most of the time, your username will be your email address. If it's not your email address, you can contact your system admin and they can look up your username.
I've forgotten my password
No worries! Go to the login page as normal and enter your username or email address. Then you will see an option for 'Forgot password'. Click this button and you will be sent an email with a link to set a new password.
Authentication
What is MFA? Why is it important?
You can read about MFA and why it's important in our short explainer.
How often will I have to enter multi-factor authentication?
If you're using the MFA functionality provided by Identity, you will have to enter an MFA code each time you log into a oneAdvanced application. This applies to all logins, including those due to inactivity and expired sessions.
Your organisation may have setup SSO between your oneAdvanced account and another identity provider, such as Microsoft Azure Active Directory, Google Identity, or Okta. This means you can use those existing login details to access your oneAdvanced account, and it means the settings for multi-factor authentication are controlled by your organisation separately from Identity.
How do authenticator apps work?
Authenticator apps create time-based, one-time passcodes (TOTP or OTP) that can be used for multi-factor authentication. They function by storing a secret key provided by the service they wish to access and utilising it to generate a six- to eight-digit code that varies every 30-60 seconds.
Identity utilises the same process to build a code based on the current time and secret key, which it then compares to the code from your app. If the codes match, you will be granted access.
As the code is produced using the current time and a shared secret key, it is unique and only valid once, making it more secure than typical static passwords. This improves the security and convenience of logging in.
What authenticator app should I use?
You can use any authenticator app you choose. Your organisation might have a preferred one so check with them first. These are some popular options.
Encryption | Platforms | Cloud backup | Offline support | Benefits | |
All your data is safely stored offline on your device. If you're using cloud sync, the communication between your phone and your cloud backup or browser is end-to-end encrypted by default. | Android, iOS, and browser extension | Yes | Yes | + Simple and easy to use + Encrypted cloud backups to iCloud or Google drive | |
Stores an encrypted copy of your accounts in the cloud. The account is encrypted/decrypted inside your phone so neither Authy or anyone affiliated with Authy have access to your accounts. | Android, iOS, Windows, macOS, Linux | Yes | Yes | + The encrypted cloud backup means only you can ever access your information - Requires you to enter your phone number so it's not as independent as the other app options | |
Not end-to-end encrypted when connected to your Google account. You can use offline for more secure encryption. | Android, iOS, Chrome | Yes | Yes | + Connects to your existing Google account + Can use alongside Google Password Manager | |
Passwords in the cloud are encrypted and decrypted only when they reach your device. | Android, iOS | Yes | Yes | + Connects to your Microsoft account + Includes a lot of extras, including password management, verified IDs, addresses and payment card information + Backs up in the cloud if you turn on account recovery |
What happens if I change or lose my phone?
This depends on which authenticator app you're using. Some apps have cloud backups allowing you to recover your MFA accounts. Some will only let you transfer MFA accounts if you have access to your old phone and new phone together.
If you need to change your MFA settings to setup up a new authenticator app, please contact your Identity administrator who can reset this for you. The next time you login, you will be taken through the steps for 'Logging in for the first time' after MFA is turned on again.
By the way, if you use an authenticator app with cloud backup on an iPhone, you won't be able to transfer your MFA accounts to an Android phone.
What happens if the code from the app doesn't work?
If you're setting up MFA for the first time, you might have accidentally entered an incorrect code. Delete the account in your authenticator app, re-scan the QR code to create a new account in the app, then enter the new code.
If you have used MFA to login before, wait for a new code to be generated and try again. Authenticator apps create a new code every 30 or 60 seconds.
If you still can't get access to your account, contact your organisation's Identity administrator to reset your MFA settings. You will then be able to set up the authenticator app again and this should resolve the issue.
If the code still doesn't work, you can contact oneAdvanced Support for assistance.
Security
Is my data safe?
We're asking everyone to use multi-factor authentication to access their oneAdvanced software so that we can ensure your data is safe from malicious attacks. Using two forms of authentication increases security and can help prevent unauthorized account access, especially in the situation that your password has been compromised. You will most likely have experience of MFA in your personal life when accessing online banking, transacting online or accessing other apps.
I access oneAdvanced applications from shared devices, how does oneAdvanced SSO work then?
You can still use your oneAdvanced applications as normal from shared devices once you're using oneAdvanced SSO. Just make sure to log out when you're done and close your browser windows as you normally would. This will end your session and the next person to use the device will be directed to log in with their own details.
Who do I contact for support?
Contact your Identity administrator if you need help logging in or using multi-factor authentication. They can contact oneAdvanced Support if they need further help to resolve your problem.
