Multi-Factor Authentication
As part of our continued commitment to data security and regulatory compliance, Mabdeck is introducing Multi-Factor Authentication (MFA) for all Administration Portal user accounts.
This enhancement is designed to offer an additional layer of protection for your Personal Identifiable Information and help meet important legislative requirements, including those set out under UK GDPR and NIS2 (Network and Information Systems Regulations 2024).
Below, we’ve outlined what to expect when logging into the Mabdeck Admin Portal, from first-time MFA setup to recovery options in case of lost access.
Please note, this will be rolled out to Mabdeck Admin users only and residents with online accounts will not be affected by this change.
Why MFA Matters – And Why We’re Introducing It
Cybersecurity threats are on the rise, and user credentials alone are no longer enough to protect against unauthorised access. Multi-Factor Authentication (MFA) helps reduce the risk of security breaches by requiring an additional verification step beyond a username and password.
UK legislation, including the updated NIS2 Directive and the UK GDPR, places increased emphasis on strong user authentication practices, especially where personal or sensitive operational data is involved. MFA implementation helps your business align with these requirements and reduce your risk profile.
First-Time MFA Setup
If your account does not yet have MFA configured, here’s what you can expect on your next login:
- Login as usual using your username and password
- You will be redirected to the MFA Setup Screen
- You’ll be prompted to download an Authenticator app (available on Android and iOS). We recommend using the Google Authenticator app but it is not required
- In the app, scan the QR code provided or manually enter the setup key.
- The app will then generate a 6-digit authentication code.
- Enter this code on the MFA setup screen in Mabdeck
- Once successful, you’ll be shown a set of recovery codes.
- Important: Copy and save these in a secure location. You’ll need them if you ever lose access to your authenticator app.
- Confirm that you’ve saved your recovery codes.
- You’ll now be logged in and redirected to your dashboard.
This is a one-time setup process. Once completed, MFA will be required at every login.
Regular Login Process (After Setup) Once MFA is configured:
1. Enter your username and password as normal.
2. You’ll be taken to the Enter MFA Code screen.
3. Open your Authenticator app and input the 6-digit code displayed.
4. If the code is valid, you’ll be securely logged in to the portal.
Recovery & Reset Process
We understand that access to your authenticator app may be lost (e.g., device change, app deletion). In these cases, recovery options are available:
Using a Recovery Code
1. On the Enter MFA Code screen, select the option to reset MFA.
2. You’ll be prompted to enter one of your recovery codes.
3. If valid, you’ll be redirected to the First-Time MFA Setup screen to reconfigure your app.
4. If invalid, a validation error will appear and no changes will be made
Admin-Level Reset
If you’ve used all your recovery codes or permanently lost access to your Authenticator app, an administrator within your organisation can reset your MFA configuration. After this reset, you’ll be prompted to go through the first-time MFA setup again upon your next login.
Stay Secure, Stay Compliant
Implementing MFA not only protects your company and user data from unauthorised access but also helps meet your compliance obligations under UK cybersecurity and data protection laws.
We expect to roll this out as part of Release 2025.9 at the earliest.
We will update you as needed on this. If you have any questions about this update or need assistance with MFA setup or recovery, please contact your Mabdeck administrator or our support team. Thank you for helping us keep Mabdeck secure for everyone.