How to set up MFA for the Patient Portal
How to set up multifactor authentication for the Patient Portal
Multifactor authentication is a security method that requires user to provider two or more verification credentials to access and account. In addition to a password, users can set up an an authenticator app as a second factor to secure their account.
Enable the Auth Module
- As an admin, go to Modules.
- Enable and install the "OpenCoreEMR Auth Module".
Configure Auth Module
- Go to Admin > Config > OpenCoreEMR Auth Module
- The setting for Patient Portal MFA Mode has three options:
- Disabled - MFA is disabled for Patient Portal users. Patients will not have the option to enable MFA for their user account.
- Optional - Patient Portal users have the option to enable MFA for the user account.
- Required - All Patient Portal users will be required to set up MFA for their user account.
Setting up MFA as a patient
- If MFA is required, you will be required to set up MFA after logging in with your username and password.
- If MFA if optional at an organization, you can set up MFA after logging into your account by going to Settings > Two-Factor Authentication.
- Scan the QR code or paste the code into an authenticator app of your choice. Common authenticator apps include Google Authenticator, Microsoft Authenticator, Apple Passwords.
- Save the Recovery codes in a secure location.