Logging In with MFA

Once Multi-Factor Authentication has been enabled for an Enterprise and a Center has opted in either by manually turning on Multi-Factor Authentication at Center Configuration or has been automatically opted in by turning on Require for All Centers in Enterprise Configuration, the users associated to that Center will be required to authenticate upon log in to all Centers to which they have access based on the Remember Me (In Days) setting.

 

Logging In

1. Access the HST Practice Management Log In form.

2. Enter User ID.

3. Enter Password.

4. Enter Center ID

]

5. Click the Log In button.

6. If Password is Expired or Changed (either by the user or an Admin).

a. User is presented with message indicating their PW needs to be changed, click OK to change PW

b. Enter New Password

c. Confirm New Password

d. Click OK

e. User is presented with message asking if they want to log in to the system.

f. Click Yes

7. If Password is Not Expired go to step 8

8. User is presented with the Authentication Required dialog AND Simultaneously, user is sent a One Time Passcode (OTP) via the notification method indicated on the Authentication Required dialog (Email or Text). When this dialog opens, at the top is a message indicating where the code was sent, go check email or text messages for the One Time Passcode

 

9. Retrieve the One Time Passcode and enter it in the OTP field. This will enable the Log In button.

10. Click Log In. If the correct code is entered before it expires, the user will authenticate and be presented with the HST Practice Management home screen.

 

Resend – Clicking Resend will send another OTP to the designated notification method on the dialog. and a pop up message will be presented for a few seconds to prevent the user from immediately re-clicking the Resend button.

 

Cancel – Clicking Cancel will close the dialog and the HST Practice Management Log In form.

 

Access Issues

A user may encounter issues that prevent them from authenticating. Below are the messages they may see and can convey to their Center Administrator when reaching out for assistance.

 

Code is Expired

When the user attempts to use an expired code or enters a bad code but has not exceed the max attempts allowed, a red error ball will display, and the following hover message is presented:

Your code is invalid or expired, please click RESEND to obtain a new code.

 

 

No Valid Notification Method

If the user has neither email nor mobile phone number, access to the system will be denied and the following message will be presented after clicking the Log In button on the Log In screen.

You have no valid notification method configured. Contact your Center Administrator ###-###-####.

 

Too Many Attempts to Authenticate

When too many attempts have been made with a bad code, extra characters at the end or missing characters or clicking Resend button too many times, the following message is presented.

Your account is locked! You have exceeded your attempts to authenticate. Contact your Center Administrator ###-###-####.