Set Up Multi-Factor Authentication

At Lawmatics, safeguarding your data and account integrity is paramount. In line with our commitment to ensuring the highest level of security for our users, we require all Lawmatics account holders to set up Multi-Factor Authentication (MFA). MFA adds an additional layer of protection beyond your password, significantly reducing the risk of unauthorized access to your account, and is a mandatory security measure for all users.

What to Expect with Multi-Factor Authentication (MFA)

When you log in to your Lawmatics account for the first time after MFA enforcement, you will encounter an additional authentication step. This step is designed to verify your identity and ensure the security of your account. Here are the options that you will see available:

Notification via Authentication App:

If you've chosen to use an authentication app such as Auth0 Guardian App or Google Authenticator, you will receive a notification on your device prompting you to approve the login attempt. Simply review the notification and follow the prompts to authenticate securely.

SMS Verification:

If you've opted to receive MFA codes via SMS, you will receive a text message containing a verification code to your registered phone number. Enter this code when prompted during the login process to complete authentication.

Security Key:

Users who have configured a security key for MFA will be prompted to insert their key into the appropriate device port and press a button to authenticate


Important: Secure Your Recovery Code

Regardless of the MFA method you choose, Lawmatics will provide you with a recovery code when first setting up MFA. This code is crucial for regaining access to your account in case you are unable to use your preferred method of authentication. We strongly advise you to save this recovery code in a secure location to ensure that you can always access your account, even if you're disconnected from your primary MFA method.

FAQ

Why doesn't Lawmatics offer MFA through email?

Email-based MFA can be unreliable due to its susceptibility to phishing attacks, account compromise, and lack of device independence. For optimal security, email-based MFA is not offered, and we require the use of more secure MFA methods.