Login with Multi-Factor Authentication (MFA)
Summary
Multi-Factor Authentication (MFA) adds an additional layer of security when signing in to Plumm. After entering your login credentials, you must verify your identity using a verification code sent to your registered email address before you can access the platform.
In this article
- Before you begin
- Step 1: Access the login page
- Step 2: Sign in to Plumm
- Step 3: Verify your identity using MFA
- Step 4: Handle verification code errors and retries
- Step 5: Manage SSO-only login settings
- Frequently Asked Questions (FAQ)
Before you begin
To sign in using Multi-Factor Authentication (MFA), you must:- Have an active Plumm account
- Have access to your registered email address
- Know your login credentials, or have access to your Google or Microsoft account for SSO sign-in
Note
- Verification codes are sent to the email address registered on your Plumm account.
- Company administrators can enforce SSO-only sign-in through Security Settings. This setting is available only for Plumm Core users.
Step 1. Access the login page
- Navigate to the Plumm login URL.
- The login page will be displayed.
- Review the available sign-in methods.
- Login with Google
- Login with Microsoft (SSO)
- Work Email and Password
Step 2. Sign in to Plumm
- Enter your registered work email address.
- Enter your password.
- Click Login.
Alternatively:
- Click Login with Google to sign in using your Google account.
- Click Login with Microsoft to sign in using your Microsoft account.
- Complete the authentication process with your selected provider.
After successful authentication, you will be redirected to the verification page.
Step 3. Verify your identity using MFA
- A verification code will be sent to your registered email address.
- Open the email and copy the verification code.
- Enter the verification code on the verification page.
- Click Verify & Login.
If the verification code is valid, you will be successfully signed in and redirected to the Home page.
If you do not receive the verification code:
- Click Resend Code.
- A new verification code will be generated and sent to your registered email address.
- A confirmation message will be displayed: "A new verification code has been sent."
- Enter the newly received verification code.
- Click Verify & Login.
Step 4. Handle verification code errors and retries
If an incorrect verification code is entered:
- A validation message will be displayed: "Verification code is not valid."
- You will remain on the verification page and can try again.
If the verification code has expired:
- Verification codes are valid for 5 minutes from the time they are generated.
- If you enter a verification code after 5 minutes, a validation message will be displayed: "The verification code has expired."
- You will remain on the verification page.
To continue:
- Click Resend Code.
- A new verification code will be generated and sent to your registered email address.
- A confirmation message will be displayed: "A new verification code has been sent."
- Enter the newly received verification code.
- Click Verify & Login.
If an incorrect verification code is entered five consecutive times:
- A validation message will be displayed: "Maximum verification retries reached. Please log in again."
- You will be redirected to the login page.
To continue:
- Sign in again using your preferred login method.
- A new verification code will be sent to your registered email address.
- Enter the new verification code.
- Click Verify & Login to complete the sign-in process.
Important
- Verification codes expire after 5 minutes.
- Each newly generated verification code is valid for 5 minutes from the time it is sent.
- It is recommended to use the most recently generated verification code when multiple codes have been requested.
Step 5. Manage SSO-only login settings
This setting is available within the Plumm Core product.To configure the setting:
- Go to Settings.
- Open General Settings.
- Navigate to Security.
- Enable the SSO-only Login toggle.
When enabled:
- Employees can only sign in using Google or Microsoft SSO.
- Standard email and password sign-in will be disabled.
- MFA verification through email is no longer available for standard email and password login because the sign-in method is disabled.
If a user attempts to sign in using email and password after the setting has been enabled, the following error message will be displayed:"Sign-in method is disabled. Your company administrator has disabled email and password login. Please continue using Microsoft, Google, or your approved company sign-in method to access your account."
Frequently Asked Questions (FAQ)
1.What is Multi-Factor Authentication (MFA)?
MFA is an additional security measure that requires users to verify their identity using a verification code sent to their registered email address after entering their login credentials.
2. Where is the verification code sent?
The verification code is sent to the email address registered on your Plumm account.
3.What should I do if I do not receive the verification code?
Click Resend Code to generate and receive a new verification code.
4.How long is a verification code valid?
Verification codes remain valid for 5 minutes from the time they are generated.
5.What happens if my verification code expires?
If you enter a verification code after it has expired, a validation message will be displayed: "The verification code has expired." Click Resend Code to receive a new verification code and continue the sign-in process.Verification codes remain valid for 5 minutes from the time they are generated.
