User Guides
User and Group Management
MFA and session expiry
5 min
session timeout the hexiosec asm session timeout is set to 14 days, after this time you will need to sign in again additionally, if you don't use the app for 7 days, you will also be prompted to sign in again multi factor authentication (mfa) it is good security practice to use mfa for online accounts and the option to enable mfa in hexiosec asm is available from the account option by clicking on your user icon in the top right corner of the screen how to set up mfa this section will walk you through setting up mfa on your hexiosec asm account enabling and disabling mfa on an account can only be done by the account owner access your account information via the user icon in the top right of any hexiosec asm screen, and then click on 'authenticator' install a trusted authenticator app on your mobile device, if you don't have one there are many to choose from, for example the microsoft authenticator, google authenticator, authy, freeotp, plus many more open the authenticator app and select the option to add a new account this will vary by app but for the microsoft app it is the '+' in the top right corner for authy it is a tile on the main screen with '+ add account' scan the qr code displayed on screen, this should recognise that the app is hexiosec asm and save it with that name you can usually amend the name in the authenticator app if needed in hexiosec asm , enter the code displayed in the authenticator you will also need to enter the name of the device that has the authenticator app, this is just to provide a reminder to you and does not affect the mfa token click on save text entry box for the one time code and text entry box for the authenticator device name your mfa is now set up! you can return to hexiosec asm from the link on the top right of the screen i can't scan the qr code if you are unable to scan the qr code, you can set up mfa using a code, click on 'unable to scan' which is underneath the qr code in the authenticator app, you should have the option to scan a qr code or enter a code manually choose the manual code method and type in the code as shown in hexiosec asm as with the qr code, complete step 3 by entering the one time code and device name before clicking on save viewing mfa status for your organisation organisation admins can review the mfa status for all members of their organisation by clicking on the three dots on the scans page and selecting users the list will show the mfa status foreach person in your organisation the auth will show sso if your organisation is enabled and the user has signed in with sso lost device/new device for mfa if you lose or replace the device you use for mfa, please contact us from within the app or at support\@hexiosec com and we can remove mfa which will allow you to set up a new method or device for mfa