Identity Secured
Welcome to the next level of Authentication
This page serves as your guide to MFA.
Your Guide To MFA
Multi-factor authentication (or MFA, for short) asks individuals for a secondary confirmation of their identity at log in. Our organization requires using a physical device in the user’s possession (mobile app or hardware key). Passwords are essential for security and privacy, but they are often not enough. MFA is the most effective method of account takeover prevention, helping to protect you, the organization, and the data of all parties.
For a primer on MFA and its importance, please visit CISA.gov: More than a Password
Microsoft Authenticator is the MFA built into Microsoft products and platforms to protect your organization. It creates an “Invisible layer” that centralizes and protects all parts of the organization. Using Multi-factor Authentication and access controls to prevent all methods of login hacks. Users no longer need to do anything on their own. Using Evo Security makes it extremely difficult for a cyber-criminal to be successful.
For the most up to date instructions on using Microsoft Authenticator, please go to the Microsoft Support page here: Microsoft Mobile Phone Authenticator App
When you open the Evo Secure Login mobile app, you’ll be required to authenticate based on your mobile devices’ security and biometrics settings.
My keys
The main page of the mobile app will show your Evo and Third-Party keys.
- Clicking the appropriate key will present you with the one-time authentication code.
- You can collapse (hide) or expand (reveal) all if your keys by clicking the to the left of each key heading.
Offline codes
- From the main mobile app page, click the button with the three lines.
- Click Offline Codes.
- Answer the security questions associated with your Evo account.
- Click Done.
- Click the account you’d like to see the offline codes for.
- Click Done.
Add new keys
Adding new keys to the Evo Secure Login mobile app is super easy.
From the main page of the mobile app, click the plus icon. Scan the QR Code.
How to restore 3rd party keys
If for any reason you needed to reinstall the Evo Secure Login app you can restore your 3rd party keys with a click of a button. Restoring 3rd party keys is great, especially if you have several keys tied to your organizations instance of Evo Security.
- Open the newly installed Evo Secure Login mobile app.
- Click Restore.
- Answer the security questions associated with your Evo account.
- Click Done.
Optionally you can choose to start fresh and not restore your keys.
To do this, you will need a new QR Code to scan, or a new one-time code to login into your organizations Evo portal, your organizations administrator should be able to help you with that.
Once you have the new QR Code, from the apps splash page, click Continue, and scan the code
Supported devices and versions
(watch OS 7 and above)
If you have your Apple watch set to install all apps that are installed on your iPhone, you should be all set to start using the Evo Secure Login watch app.
- From your Apple mobile device, open the Watch app.
- From the Watch app, tap My Watch.
- Scroll down to Available Apps.
- Tap Install for the Evo Secure Login app.
Congratulations! You have completed the installation of your Evo Secure Login watchOS app.
The watch app works just like you’d expect. When a push notification is sent it will be received by both your iPhone and your Apple watch. Allowing you to accept or decline the push notification from other.
The difference however is with the Apple watch, you’ll notice that there are 3-buttons available, rather than the standard 2 that you see on the iPhone.
- Approve > Approves the push notification OTP and completes the login.
- Deny > Denies the push notification OTP and prevents the login from proceeding. Requiring you to request a new push notification if login is still required.
- Dismiss > Closes the application, resulting in no action taken. If you select Dismiss, you can still approve or deny the push notification from your iPhone.
While we recommend using the Evo Secure Login app for your MFA needs, you are free to other mobile authenticators such as Google Authenticator for your MFA needs. However, this comes with a few drawbacks if you choose to go this route:
- You will not receive push notifications to your device
- You will not be able to access an offline code
- You will not be able to restore your code(s)
- You will not be able to log into a corporate device if it is not online
Other Authenticators:
*Do note, we do not support third-party authenticator apps. So, if you experience issues there, we are unable to provide support.
Google Authenticator: Android For a primer on MFA and its importance, please visit CISA.gov: More than a Password
Downloading an MFA app like Evo Secure Login is safe as it provides an extra layer of security by generating time-sensitive codes for two-factor authentication.
This app only has access to minimal information on your phone, solely focusing on generating secure codes and enhancing the overall protection of your accounts. Location permission is used to authorize where you are located when you approve any login. Dove does not allow any logins outside of the US or Canada for Company security. Notification permissions on the EVO app allow it to send you a Push notification (you can get the language from the relevant links
In the world of cybersecurity, hackers now focus on exploiting users more than computers, aiming to access organization data with authorized users like you. Using data from the dark web, lists of known passwords, and even some social engineering, the goal is to impersonate you to gain access. As a response, organizations need additional ways to verify that a user account requesting access is really the individual in question.
In truth, about 90% of successful attacks are due to login breaches , and 60% of small businesses hit by a ransomware or other breach event won’t survive more than six months. If important now more than ever to ensure your organization is safe. By adding Multi-Factor Authentication (MFA), we can disable 99% of the impersonation attempts at once.
“Our organization is too small for a hacker to care!”
Cyber Criminals are smart, and hacking is a business. They know it’s not about how small you are, but how much you’re willing to pay to get back what they’re holding hostage. They now look for easy targets.
Passwords and their complexity have done a great job so far, and are still needed for a secure user experience, but the sad truth is that, no matter the complexity, passwords are almost trivial to overcome. Many individuals use the same password for work and personal, and most people have already been breached, leaving breadcrumbs for attackers to follow. Even the most complex password with 8 characters can be deciphered by tools in about 8 hours.
No, if requested, a physical hardware key will be provided, but all emails, teams, and other company resources will be removed from personal devices and only accessible from corporate owned devices.
•Replacement keys if lost or stolen will be replaced at a cost of $45.
If you would like to pursue this option, please reach out to DoveIT Support.
As stated above, passwords are not enough, but phone calls and SMS (test messages) are easy to imitate, brute force, or intercept. Mobile App Passwords are much more secure. See this report from CISA.gov: Implementing Phishing-Resistant MFA (cisa.gov)