Purpose

During the login process, it is possible that a user may no longer be able to generate a one-time passcode from their Authenticator app. Due to the sensitivity of the data held within Medicus, only an administrative user can recover their account by generating a 2FA recovery code. This guide covers the steps required to action this.

Generating a 2FA recovery code

If a staff member cannot generate a one-time passcode from their Authenticator app, you can issue them a recovery code to regain access to their account.

Go to Modules > Staff Administration and locate the staff member in the list. Select their name to open their staff details, then select Login & Security from the side navigation bar.

Select Generate 2FA recovery code. A screen will display the recovery code, which is valid for 24 hours. Once this period expires, a new code will need to be generated.

Share the recovery code with the staff member. They can enter it during the login process by selecting Enter recovery code from the 2FA screen, then entering the code and selecting Confirm.

If the code is entered incorrectly or has expired, an error will be shown and the staff member will need to try again or contact you for a new code. If entered correctly, they will regain access to their account.

Once they are logged back in, direct them to their My account settings to reset their two-factor authentication.