HQ Logged in user details:

The GoFrugal HQ interface features a section in the top-right corner that presents vital information regarding the user currently logged in. This includes:

• User Name: The name of the active user.

• User Profile Picture: The profile image associated with the user account.

• Employee ID: The employee's ID will be shown in this section.

• Signout: End the current user session.

• Personalize: Details about Sessions, Password, MFA Settings, and Support Access Settings are available here.

It will also display information regarding Total Space, Used Space, and Free Space.

Open the menu by selecting the user name, which is marked by a small human figure in the top-right corner of the display.

Click on the disk usage percentage segment to explore more comprehensive information about disk usage.

Refer to the screenshot below for the details of the menu.

This section displays the virtual disk space, which includes details on Free Space, GOFRUGAL ServeEasy AutoBackup, Transaction Files, GOFRUGAL ServeEasy Logs, and other relevant data. This information will assist both your administrative team and our support team in effectively managing disk space.

More about Personalize:

Select the Personalize link to access the detailed section.

Session: After selecting the Personalize option, the Sessions tab will appear, enabling you to set the Session Timeout parameters.

• Select your preferred duration by clicking on the drop-down menu, where you can find options such as 30 minutes, 1 hour, 2 hours, 3 hours, or 4 hours.

• Click the Apply button to execute the modifications.

Password:

If an admin or any other user needs to change their password from HQ, they can accomplish this by accessing the relevant section. Begin by selecting the Personalize option and then navigate to the Password tab. You must enter your Current Password, New Password, Retype Password, select a Security Question, and provide the Security Answer before clicking the Update button. For those interested in the Password Policy, you can find more information by clicking the Password Policy link.

The screenshot below illustrates the details of the password policy.

MFA: (MULTI FACTOR AUTHENTICATION)

Multi-factor authentication (MFA) is a security strategy that requires users to provide multiple verification factors to access an account or system. This method enhances security by incorporating an additional layer of protection that goes beyond the use of passwords alone.

PRE-REQUISITES

Updating Valid Backup Contact Information

It is crucial to confirm that the mobile number and email address linked to the account are accurate and operational. If any of these details are found to be incorrect, inactive, or absent, it is advisable to contact the administrator to have the contact information updated.

Note: Users who have not updated their contact information may face challenges in completing the Multi-Factor Authentication (MFA) setup. The interface will instruct the user to reach out to the administrator for valid details on the Backup Contact Details verification page, and may either log the user out or direct them to the Dashboard, based on the MFA requirements established by the Administrator.

Authenticator Application

Ensure that the OneAuth authenticator application, or any other equivalent application, such as Google Authenticator, Microsoft Authenticator, or Authy, is installed, and that the user is successfully signed in on their mobile device.

How Does MFA Function in HQ?

1. Upon logging in with a valid username and password, the user is directed to the MFA Notification page.

2. By clicking Agree, the user must verify their Backup Contact Details, which include their mobile number and email address.

3. Once the Backup Details are confirmed, an OTP is dispatched to the user's email or phone number, depending on the country code, to authenticate their identity.

4. After entering the correct OTP, the MFA Setup Process initiates. If the user fails to provide a valid OTP after five attempts, they will be logged out.

5. The user should scan the QR code using an authenticator app. If scanning proves difficult, an alternative option is available to manually enter the secret key by selecting the 'Can't Scan QR?' option.

6. After successfully scanning the QR code or entering the secret key in the mobile authenticator, the app will generate time-based one-time passwords. The user should click Next to input the generated TOTP for authentication.

7. Upon successful verification of the TOTP, the user will be prompted to generate Backup Codes. When the user clicks OK, the backup codes will be downloaded to the local device if this is the initial setup.

MFA SETTINGS

Access the MFA Settings by navigating to 'User profile' (click on the username in the top-right corner) > Personalize > MFA Settings.

Setup MFA

The MFA Setup feature allows users to enable or disable MFA according to their preferences. When MFA is activated for an account, the option to disable it will appear under Setup MFA in Personalize > MFA Settings, provided that it is not enforced by the administrator.

Once the user selects Disable MFA, an OTP verification will be required.

After disabling MFA, the user will see the option to enable it again in the setup section. Clicking Enable MFA will direct the user to the MFA settings screen.

Generate Backup Codes

Backup codes consist of one-time-use codes that can be utilized to access your account if you are unable to use your TOTP method. They serve as a secure alternative for regaining access when other methods, such as your mobile device, are not available.

Importance of Backup Codes

• Backup codes are essential in various scenarios, ensuring continuous access to your account in the event of phone loss, damage, or if the user is unable to log in using TOTP.

• Backup codes can be generated after successfully setting up MFA. Once MFA is configured and TOTP is verified, users will be redirected to the backup code generation page. By clicking 'OK', the backup codes will be downloaded to the user's system.

• After enabling Multi-Factor Authentication (MFA), users can generate backup codes at any time by selecting 'Generate Codes' under the MFA Settings section in the Personalize screen.

ADMIN PRIVILEGES

Mandate MFA

When the administrator enforces Multi-Factor Authentication (MFA) for all users, each user must enable MFA during their next login to access the system.

1. Log in to HQ using valid credentials.

2. Go to Personalize > MFA Settings.

Note: The Personalize screen can be accessed by clicking the username in the top right corner.

3. Activate Mandate MFA by toggling the Mandate MFA option to the 'on' position.

Once the administrator activates Mandate MFA, users will be required to enable MFA during their next login. If you wish to deactivate Mandate MFA for the entire organization, simply repeat the steps and toggle the option to 'off.'

Disabling MFA for an Employee

An admin user has the authority to disable MFA for a regular user in cases of mobile device damage, loss, or other emergencies that prevent the user from accessing HQ through TOTP verification.

1. Navigate to Personalize > MFA settings > Disable MFA for a specific employee in the Admin login.

2. Search for the desired employee by their username, and their details will appear.

3. After selecting the employee and clicking Disable, MFA will be turned off for that specific employee.

Configuring MFA Not Now Interval Days

The MFA Not Now feature allows administrators to establish a designated interval for Multi-Factor Authentication (MFA) notifications. During this period, users who opt for the 'Not Now' option will not receive the notification popup for the specified number of days, as set by the admin.

1. Navigate to Personalize > MFA Settings > MFA Not Now Interval Days in the Admin login.

2. Click Edit to adjust the MFA Not Now Interval Days (default is set to 2 days).

3. Choose an interval (ranging from 1 to 10 days) and click Save to finalize the MFA Not Now settings.

Sign out:

By signing out from Gofrugal HQ, you are taking important steps to protect your sensitive information, maintain your privacy, and block unauthorized access to your account. This practice also supports the management of multiple accounts, ensures compliance with necessary regulations, and keeps your account environment clean and organized.

Exiting a Gofrugal HQ account comes with various benefits. It enhances security by safeguarding sensitive information, protects personal data and browsing history, and minimizes the risk of unauthorized access. Additionally, it ensures the confidentiality of work-related details, simplifies account management, complies with data protection laws, and helps maintain an orderly account.

To sign out from HO:

1. Select the user login icon in the top-right corner.

2. Click Signout.

You will be logged out from HQ, and the sign-in screen will appear as shown below.