Multi Factor Authentication

To better secure your customer data you can enable Multi Factor Authentication on your uCollect accounts.  We support both Google and Microsoft authenticators (plus others that support this generic standard).

NOTE: Xero is requiring all apps that connect to Xero ledgers enforce multi-factor authentication.  Therefore all Xero users will now be required to establish MFA on their user accounts to access uCollect.  To facilitate this all users should have their own unique login (we do not have user limits) and have an authentication device available.  If you do not have a mobile phone with a Google or Microsoft Authenticator app and cannot install one, you can try this Chrome Extension.

Here's a useful article if you haven't used an authenticator app before, and here's a great introductory video.  If you do not have a mobile phone with a Google or Microsoft Authenticator app and cannot install one, you can try this Chrome Extension.

Our authentication has been tested with the following authenticator devices/apps:

  • Google Authenticator
  • Microsoft Authenticator
  • Lastpass Authenticator
  • Twilio Authy Authenticator
  • Authenticator App (Pixster Studio)

It does not work with:

  • Xero Verify
  • RSA SecurID

Setting up MFA on your account

Any user profile can activate MFA as follows:

  1. Go to Edit, User Profile
  2. Check the box for "Enable MFA" and click Submit
  3. Using your Google or Microsoft authentication key generator add an account
  4. Scan the QR code to create the token.
  5. Enter the challenge key provided on your device into the uCollect screen (under the QR code).
  6. If you want uCollect to remember you on this device for 30 days check the box before hitting submit.
  7. Click the Verify button.

If MFA is enforced for an organisation you will not be able to access that organisation until you have established MFA on your account.  You will be presented with the screen above and will need to sucessfully generate a token (6-digit code) on an authentication app to be able to proceed.

Resetting your MFA token

If you lose your MFA device but are still within the 30 day window then you can reset your MFA settings from inside your User Profile (Edit, User Profile).  Just check Remove MFA, Update Profile, Refresh the screen, check Enable MFA, Update profile. and then set it up again.  

If you are unable to login please contact an administrator for any of the organisations you have access to.  They can reset your MFA (forcing you to set it up again on your next login) from the Edit, Organisation Settings, Users section (click the Reset MFA link beside the user name).  If you are the only administrator then you will need to contact uCollect Support.  Please send an email from your registered user email address directly (not through our web form) and attach a copy of personal ID that matches the name in your user profile).  You will need to be able to reply to a message from us for verification.

Organisations Requiring MFA

An organisation administrator can enforce MFA for all users (users of Xero-connected organisations are enforced by default, as required by Xero) by doing the following:

  1. Log into uCollect as an Administrator for the organisation.
  2. Go to Edit, Organisation Settings
  3. Scroll down to the MULTI-FACTOR AUTHENTICATION SETTINGS section
  4. Check the box "Require Multi-Factor Authentication for all users" and click submit.

Any user that does not have MFA enabled on their account will need to setup MFA before being able to login/switch to that organisation.

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.

Still need help? Contact Us Contact Us