MIDAS Knowledge Base

Two-Factor Authentication in MIDAS

What is Two-Factor Authentication?

Traditionally, when you access a website, app, or online service which requires you to "log in", all you typically need to provide is your username (or email address) and a password in order to authenticate your access.

Unfortunately, many people use the same credentials (username/password) over and over again across multiple websites/apps/online services. This means that if one of those services suffers a data breach and user credentials are exposed, an attacker could potentially then access all other websites/apps/online services the user uses.

Two-factor authentication (or 2FA) helps combat this, by employing a secondary means of authentication in addition to the traditional username/password combination in order to authenticate your access to the website/app/online service. This means that even if your username/password were to be compromised, an attacker couldn't then use these on their own to gain access to your account.


Two-Factor Authentication in MIDAS

2FA support was first introduced with MIDAS v4.10 (September 2015). Initially, 2FA worked by sending a unique code to the registered email address of the user.

2FA support was further enhanced in MIDAS v4.38 (December 2024) through the introduction of support for TOTP Authenticator Apps (like Google and Microsoft authenticators).

Authenticator apps generally provide a more secure alternative to 2FA codes sent via email, and are the 2FA method we recommend going forward.

MIDAS v4.38 also introduced more 'granular' control of 2FA settings within the software. Previously, 2FA was a 'global' setting affecting all user accounts within a MIDAS booking system. Now, 2FA can be enabled/disabled per user account.


Enabling/Disabling Two-Factor Authentication...

...in MIDAS v4.10 - v4.37:

An administrative user may enable/disable Two-Factor Authentication in MIDAS via MIDAS Admin Options → Manage MIDAS → Security.

Enable two-factor authentication in earlier versions of MIDAS

...in MIDAS v4.38 (and later):

An administrative user can readily set the Two-Factor Authentication method across all user accounts in MIDAS via MIDAS Admin Options → Manage MIDAS → Security.

Globally enable two-factor authentication for all user accounts in MIDAS v4.38 and later

Alternatively, an administrator can make changes to 2FA options on a per-account level via MIDAS Admin Options → Manage Users & Permissions.

Enable and set two-factor authentication method per user account in MIDAS v4.38 and later

Before enabling Email 2FA Authentication

In order to send 2FA codes to users via email, your MIDAS system will first need to be correctly configured to send email. You'll find these settings via MIDAS Admin Options → Manage MIDAS → Email. Whenever you change the email settings within the software, it is strongly recommended that you then send a "test" email from the system to yourself to ensure you're able to receive email from the system BEFORE enabling Two-Factor Authentication via email.

This option is disabled if Single Sign-On (Active Directory) support is enabled, or if no "Outgoing emails appear sent from" email address has been specified (MIDAS Admin Options → Manage MIDAS → Email).

IMPORTANT: If you enable Two-Factor Authentication for your MIDAS system yet the software has not been correctly configured to send email, users will not be able to receive Authorization Codes via email and will be unable to login.

Logging in when Two-Factor Authentication (via Email) is enabled

When Two-Factor authentication via email has been enabled on your account, begin by logging in as normal by entering your email address and MIDAS password, and then clicking "Login":
MIDAS room booking and resource scheduling login screen

An Authorization Code will then be emailed to you, and you will be presented with a screen prompting for your Authorization Code:

Two-factor login authentication for MIDAS

Simply enter the Authorization Code contained in the email in the space provided and click "Login". If the code is valid, the login process will complete and you will be successfully logged in.

IMPORTANT NOTES FOR USERS

For Two-Factor Authentication via email to be an effective layer of additional security, you should ensure that the password you use to login to MIDAS is never the same as the password you use to access your own email account inbox. If these two passwords are currently the same, we strongly advise changing one or both.

You can change your MIDAS password at any time, once logged in, via the "Change Password" link near the top of the screen.


Logging in when Two-Factor Authentication (via Authenticator App) is enabled

When 2FA via authenticator apps has been enabled on your user account, the next time you login, you'll be presented with a QR Code to scan with your authenticator app:

Scan QR Code or manually enter key into your TOTP Authenticator App

If you're unable to scan the presented QR Code - for example, if you're on a desktop computer - a 'secret key' is also provided which can be manually entered into your authenticator app.

Your authenticator app will then generate a 6 digit code which you can enter to complete the login to your MIDAS booking system.

The QR Code / Secret Key needs only to be scanned/entered into your authenticator app once upon your first login. For subsequent logins, you'll simply need to open your authenticator app and enter the 6 digit code that it generates in order to complete your login:

Generate a login code in your TOTP Authenticator App to login
