Atrium allows admins to set up two-factor authentication via email, SMS and/or authenticator apps (i.e. Google Authenticator, Microsoft Authenticator). Please note that if two-factor authentication is turned on, it is turned on only for the portal (does not include the mobile app), and is turned on for all types of users (admin, clients and interpreters). This is managed in the Password Settings box of Administration - Maintain Company. If an agency is not set up to send SMS through Atrium, allowing SMS for two-factor authentication will be disabled.
When more than one option for two-factor authentication is turned on, the user is able to select their preferred method.
If email is selected, the user will receive an email with a verification code that must be entered. If SMS is selected, the user will be prompted to enter a phone number to send the verification code to. The phone number should not be formatted.
If the authenticator app is selected, the user will see a QR code that can be scanned with their mobile phone. After scanning the QR code, the user is asked if they want to set up the token and the site is added to the authenticator app. After the initial scan, the user will always use the authenticator app to obtain the verification code.
After entering the verification code, the user has the option to remember the device for 30 days. If this is selected, the user will not be prompted for the verification code until the 30 day period is over.