Setting up Two Factor Authentication (2FA) in VITAL Online

Posted on March 9, 2023

Instructions below for:
– setting up 2FA using an Authenticator App
– logging on to VITAL Online using 2FA
– troubleshooting (what to do if you lose access to an Authenticator app – e.g. a new phone & what to do if your One Time Password is “not valid”) & Notes

Two Factor Authentication (2FA) has been implemented in VITAL Online to maintain required security standards.

How set up an Authenticator application

Download an Authenticator app (or use one you already have).
Google Authenticator and Microsoft Authenticator are both popular version – any authenticator app can be used.
Hint: This can be downloaded on your computer, phone or other device – however many users have reported that it easier to use an Authenticator from a phone.
Login to VITAL Online and click on “SETUP 2FA” (as per image below)

4. Open the Authenticator App. Click on the Add (+) button (or similar) to initiate the process to link the Authenticator app to VITAL Online. The Authenticator app should prompt the user to scan the QR code or using the TOTP code.
Note: If scanning the code, ensure that the scan is done using the Authenticator App – do not use the Camera App to scan the code.
Also, record the Recovery Code. The recovery code will give access temporarily to VITAL Online where the Authenticator app is not available. (see notes below if reset of Authenticator is required)

5. Follow the prompts in VITAL Online to enter the Verification Code.

Login to VITAL Online using 2FA

2. Access the linked Authenticator app to get the One Time Password and enter into VITAL Online and select LOGIN

Troubleshooting & Notes

A notice that the user is “unable to log in with provided credentials” indicates that the incorrect password has been entered. Please use the “forget password button” to reset your password.

A notice that the user has “Exceeded login attempts before 2FA enabled.” requires the Allergen Bureau to reset the login. Please contact the Allergen Bureau via VITAL Online “Contact Support” or directly at info@allergenbureau.net.

If the one time password (OTP) generated by the authenticator is “Not Valid”, a likely issue is that the times on the device with the Authenticator and the device running VITAL Online are not synchronized. The solution is to have the time on both devices to be ‘Set Automatically’ (and not manually set). Please also consider checking your time zone/daylight saving settings.

Each logon can only be linked to one Authenticator account.
It is not possible to disable 2FA for any user in VITAL Online. It is not possible to use SMS or phone as an authenticator method. The only 2FA method for use with VITAL Online is an Authenticator application.
When having issues with 2FA, there might be caching behaviour of your browser. Please apply your business protocol for cleaning up. The below information might assist you to clear the browser cache:
- Chrome, Firefox, or Edge for Windows: Press Ctrl+F5 (If that doesn’t work, try Shift+F5 or Ctrl+Shift+R).
- Chrome or Firefox for Mac: Press Shift+Command+R.

A new phone?

If you lose access to the Authenticator app (e.g. new phone), contact the Allergen Bureau via VITAL Online “Contact Support” or directly at info@allergenbureau.net to reset your account to allow a new Authenticator app to be linked.

Like to prevent future login issues?

It is considered best practice to add a secondary business email to ensure that, in case there are issues with the primary owner email, a secondary email can be accessed to ensure business continuity.
Shared email addresses are not recommended for the system. They create issues for the 2FA process as an authenticator app must be used to log in.
There is no limit to the number of users that can be added to the VITAL Online account.

Cookie	Duration	Description
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category .
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
CookieLawInfoConsent	1 year	Records the default button state of the corresponding category & the status of CCPA. It works only in coordination with the primary cookie.
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_gid	1 day	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.