AthenaMFA is safer than SMS verification, and you can be assured that you will be notified of all attempts to login to a website or application. Then only when you approve them will access be granted.
AthenaMFA is available for iOS and Android, you can download by searching Google Play Store or iOS App Store for AthenaMFA.
Once you have downloaded the app, you can register for free and start benefitting from the most efficient and simplified two-factor authentication experience.
Using the app
Securing access to the app
When you first log in to the app you will be asked to set a PIN code to prevent unauthorized access to your accounts.
But there are a couple of other options to make it even more secure and these are available via the settings menu, which is accessible from by tapping the cog from the main top menu.
From the settings menu you can enable biometric authentication to allow you to use fingerprint or facial recognition if your device supports it.
By default, the application will lock after 5 minutes if it has not been used, under the settings menu there is also an option to lock the application immediately, so every time the app goes to the background you will need to enter your PIN or use biometrics if it has been enabled.
You can access your AthenaMFA account on multiple devices and your accounts will automatically synchronize between them.
When you log in to a new device, we will let you know via email just so you know it has happened. If you are signed into another device, you will also receive a push notification to make you aware.
To view the sessions you have active, you can go to the settings menu by tapping the cog on the main top menu and choosing the View Sessions options.
From the Current Sessions menu, you can see all logged in devices and delete any current sessions you no longer use.
Changing your password
Go to the settings menu by tapping the cog on the main top menu and choosing Change Password.
When you change your password, we will automatically log out all sessions except the device you are using, this will ensure that if you are changing your password because someone managed to gain access to your account, they will be logged out and your account will be secured.
Adding another email address to your account
If you have multiple email addresses, they can all be secured via a single AthenaMFA account.
To add another email address, click the + from the main top menu, enter the email address you wish to protect.
We will send an email to that email address confirming that you wish to add it to your AthenaMFA account, click the link in the email where you will be prompted to accept or reject the request.
If someone malicious is trying to add your email address to their AthenaMFA account, you can use this email to reject the request. Keeping you secure.
Transferring an email address to a new AthenaMFA account
If an email address has been previous added to another AthenaMFA account, you can follow the procedure to add the email address to your account, when you receive the confirmation email and you accept the request it will be automatically removed from the old AthenaMFA account and approved on yours.
Removing an email address from your account
Within the app account list, tap and hold on the email address you wish to remove, after a second it will ask you to confirm you wish to delete the account.
Once you have confirmed you wish to remove the account you will be sent a confirmation email, once you have received the email, click the link which will then ask you for one last confirmation of the action.
Until you confirm this action, the email address will remain on your AthenaMFA account, and you will still be able to authentication.
This is just an extra precaution to make sure you did it intentionally.
Closing your AthenaMFA account
If you no longer wish to use the AthenaMFA service, you can close your account.
To close your account, access the settings menu by tapping the cog from the main top menu bar and choosing Close Account.
Confirm you wish to close your account and we will send you an email confirmation.
Once you receive the email confirmation, click the link, and then confirm your action, once confirmed your account will be closed and all email addresses associated with it will be removed.
Please be aware that this action is permanent, and you will need to register again if you change your mind.
Actioning authentication approval requests
Although AthenaMFA works by using your email address to send authentication approval requests, you don’t want to be sent push notifications requests you have not agreed to.
So, the first time you access a website or application which uses AthenaMFA you will be asked to respond with a code, there you will also have the option to say you wish to have future requests sent by push notification (don’t worry even when you agree to this you can still respond with code if you cannot receive the push notification).
Respond with code
When you are prompted to respond with a code, it will let you know which email address you need to respond with and a request id.
From within the AthenaMFA mobile application, tap the account indicated on the prompt, you will then be asked to enter the request id, you will then be given a time limited code which you then enter in the prompt.
Before you click approve you can optionally tick to confirm that future requests can be sent via push notification.
Respond to push notification
If you have opted to have authentication approval requests sent via push notification, when you attempt to log into a website or application which uses AthenaMFA it will send you a push notification to all mobile devices you have logged into.
The prompt will show you the username you are attempting to log in as, the request id (which is also visible from the prompt), the website domain and the time of the request. You can use this to ensure you are approving the correct session and it is not a spoofing attempt.
Push notifications must be responded to within 30 seconds, or it will revert to respond with code method.
The push notification has three options:
- Block push request, this will decline the authentication request and prevent the website or application sending you future push notifications. You can enable this the next time you log into the website or application by responding with code and opting to receive push notifications.
- Deny, this will reject the authentication request and the log into the website or application will be blocked.
- Approve, this will confirm it is you and the log in can continue.