Skip to main content

Setting Up MFA

Multi-factor authentication (MFA) adds a second layer of security to your Bamboozle Cyber Protect account. Even if your password is compromised, MFA prevents unauthorized access by requiring a second verification step.

Enabling MFA for your own account

  1. Log in to https://cyberprotect.bamboozle.me.
  2. Click your username or avatar in the top right corner.
  3. Select User settings.
  4. Under Two-factor authentication, click Enable.

[SCREENSHOT: User settings screen with Two-factor authentication section]

  1. Download an authenticator app on your smartphone if you do not already have one. Recommended apps:

    • Google Authenticator (iOS and Android)
    • Microsoft Authenticator (iOS and Android)
    • Authy (iOS and Android)

  2. Open the authenticator app and scan the QR code displayed on screen.

  3. Enter the 6-digit code shown in your authenticator app to confirm setup.

  4. Click Confirm.

[SCREENSHOT: QR code setup screen with code entry field]

MFA is now active. Every time you log in, after entering your password you will be prompted to enter the current 6-digit code from your authenticator app.

Saving your recovery codes

After enabling MFA, you will be shown a set of one-time recovery codes. These codes can be used to log in if you lose access to your authenticator app.

  • Download or print the recovery codes and store them securely.
  • Each code can only be used once.
  • If you run out of recovery codes or lose them, contact Bamboozle Support.

[SCREENSHOT: Recovery codes screen with download option]

warning

Do not store your recovery codes in the same place as your password. If someone obtains both, they can bypass MFA entirely.

Enforcing MFA for all users (administrators)

Administrators can require all users in the organization to set up MFA:

  1. Click Settings in the left sidebar.
  2. Click Security.
  3. Under Two-factor authentication, select Required for all users.
  4. Click Save.

[SCREENSHOT: Security settings with MFA enforcement option]

Once this is enabled, any user who logs in without MFA configured will be prompted to set it up before they can access the console.

What to do if a user loses access to their authenticator

If a user loses their phone or authenticator app and does not have recovery codes:

  1. As an administrator, go to Settings then Users.
  2. Find the affected user and click on their name.
  3. Click Reset two-factor authentication.
  4. Confirm the reset.

[SCREENSHOT: User detail screen with Reset two-factor authentication option]

The user will be prompted to set up MFA again on their next login. Their account remains secure during the reset as they still need their password to log in.

Changing your authenticator app

If you want to move to a different authenticator app or get a new phone:

  1. Go to User settings then Two-factor authentication.
  2. Click Reset two-factor authentication.
  3. Set up the new authenticator app by scanning the new QR code.

Next steps

Was this page helpful?