Notifications

2368 views

Overview


Multi-factor authentication (MFA), also known as two-step verification. It is a security requirement that requires users to enter more than one set of credentials in order to authenticate to an instance.

 

Downloading and Setting up the Authenticator Application for first time users to HI

With Multi-Factor Authentication enabled on HI Account, you would require an additional 6-digit verification code for a successful login to HI. 

This code can be generated by an authenticator app (e.g., Google Authenticator, Authy, or any app that supports the Time-based One Time Password (TOTP) algorithm).

When logging into HI after Multi-Factor Authentication (MFA) has been enabled, you should see below page to setup an Authenticator.

  • Open HI Service Portal (URL:https://hi.service-now.com)
  • Click 'Sign In' (On top right of the screen)
  • Enter your HI UserID and Password
    • If you don't remember your password, please click 'Forgot Password' and follow the instructions
  • After successful log-in with your ID and Password, you would be prompted to below screen (first time user's only)
    • After you have successfully set-up an authenticator application, you should see a screen to enter the MFA code

Note

  • If you have issues enabling multi-factor authentication, click Bypass Setup. This will allow you to log into HI for three times before MFA is required.
  • If you do not see Bypass Setup in below screen, it means that you have already used three time courtesy login to HI without using MFA
    • At this stage, it becomes mandatory to setup an Authenticator and generate a code for a successful login to HI




 


 

  • Download and install an Authenticator Application that supports TOTP (Time-based One Time Password) Algorithm
    • Few popular Authenticators are Google Authenticator, Authy, Authenticator, Microsoft Authenticator These applications are available in Android and iOS App-Store
    • If you do not own a smartphone, you can install Authy on your Windows or iOS installed computer (or laptop)
  • On the mobile device, open the Authenticator application
  • Select Manual Entry or scan the QR code
  • After scanning the QR Code, the authenticator app displays a 6-digit verification code
  • Enter the 6-digit verification code on your mobile device into the text box (Step # 3 of your MFA Setup screen as shown above)
  • Click Pair Device and Login
  • You are successfully logged-in to HI
  • The verification code generated on the authenticator application automatically refreshes every 30 seconds

Now you have successfully set-up an Authenticator app (it could be on your mobile or standalone desktop or laptop).

Follow next steps to log-in to HI by using the 6-digit verification code generated

 

Logging into HI with Multi-Factor Authentication


After an Authenticator application has been configured, copy the verification code when logging into HI.

  • Open HI Service Portal (URL:https://hi.service-now.com)
  • Click 'Sign In' (On top right of the screen)
  • Enter your HI UserID and Password
    • If you don't remember your password, please click 'Forgot Password' and follow the instructions
  • Successful log-in with your HI User ID and password should take you to next screen to enter MFA code
  • Open Authenticator Application (mobile or standalone desktop or laptop)
  • Type the 6-digit verification code displayed on the authenticator application on the screen displayed in your browser
  • Click Login.



  • Alternatively, request a verification to be sent via email by clicking "click here to receive a one time code via email" (on blue section as displayed in below screenshot)
  • You should receive the verification code to your email address
    • Verification code is sent to the email ID mentioned in your HI Profile
    • To update or correct the email ID, you need to reach out to your companies ServiceNow Administrator (one with customer_admin role on HI)
  • The verification code that you received via email is valid for 10 minutes

Note: The system time on your computer must be in the same time zone as the time on your mobile device in order for the code to work.




 
 
Reset Multi-Factor Authentication (MFA) or Pair a New Device

In-case you have lost your phone or changed your device, you can log-in to HI using the option "Receive one-time code via email"

You can also use this option to pair a new device. 

Note: You can select multiple authenticators on multiple devices at the same time. All authenticators should generate the same one-time verification code

 

  • Open HI Service Portal (URL:https://hi.service-now.com)
  • Click 'Sign In' (On top right of the screen)
  • Enter your HI UserID and Password
    • If you don't remember your password, please click 'Forgot Password' and follow the instructions
  • Successful log-in with your HI User ID and password should take you to next screen to enter MFA code
  • Click the link to receive a one-time code via email
  • Click the Option "click here to receive a one time code via email" (on blue section as displayed in below screenshot)



  • You should receive the verification code to your email address
    • Verification code is sent to the email ID mentioned in your HI Profile
    • To update or correct the email ID, you need to reach out to HI-Administration
  • After receiving the code, enter the 6-digit code into the 2-Factor Authentication text box
  • Click Login
  • You are logged in to HI Service Portal View
  • Click on your name (top right of the screen)
  • Click 'My Profile'
  • Your details will be displayed
  • Click '...' (three-dots just above the place where Active and Locked-out are displayed)
  • click Multi-factor Authentication
  • Multi-Factor Authentication Setup page is displayed with a QR Code
  • Open the Authenticator on your phone (or on your computer)
  • Manually enter the 6-digit verification code on your mobile device
    • Alternatively, tap Scan Barcode and point your camera at the QR code on your computer screen
  • Click Pair Device and Login.
  • The new device is now paired and refreshes every 30 seconds.

 

 Install Authy in Chrome


This section describes how to install and configure the Authy application in Chrome.

  1. Ensure that you are running Chrome 47.0.2526.106 or higher.
  2. In a Chrome browser tab, navigate to Authy app's page in the Chrome Web Store.
  3. Click Add to Chrome.



  4. In the confirmation dialog, click Add.

  5. Launch the Authy app from the Chrome App Launches menu or click  in the upper-right corner.
  6. Identity verification can be completed in two ways:
    • Cell Phone: Provide your cell phone number and verify your identity by a call or SMS. Also, enter your ServiceNow email address when prompted.
    • Desk Phone: Select the callback option. A registration pin is generated on the screen. Enter the registration pin (2 digits) when the call is received. 


  7. Click the gear icon in the upper-left corner.



     The Authy configuration screen appears.

  8. Click the Account tab to set up a master password (optional).
    If you forget your master password, there is no way to recover the password. You will have to delete all your Authy accounts, uninstall, and reinstall.
  9. Enter your password in Master Password.
  10. Click Add Authenticator Account in the bottom-left corner.
  11. Enter in the 16-digit code (without spaces) displayed on the HI login screen.
  12. Click Add Account.
  13. Select a logo, enter in the instance name, and click Done.
  14. Close the configuration screen to view the account list.
  15. Select an account.
  16. Select Show Token.
  17. Paste the verification code on the instance (HI or HI Hop) to pair the device and log in.

 

Frequently asked questions

Q. What if I do not own a smartphone?

A. Using a smartphone is the recommended way to use MFA on HI. If you do not own a smartphone, you may use the Chrome browser Authy extension to set up and use MFA. Download and add the extension to your Chrome browser. Then, set up an account and master password with the Chrome extension before you set up the MFA for HI with the extension.

Q. I do not use Chrome for my day-to-day activities and use Firefox heavily. Is there an Authy plug-in for Firefox that I can use?

A. Currently, a browser-based Authy plug-in is not supported on Firefox. However, you can install the Authy Plug-in through the Chrome browser. After it is set up on your machine, the Authy app can be used as standalone (without using the Chrome browser) for generating the code that you can use in your Firefox browser to log on to HI for MFA.

Note: After you have installed the app, ensure that you have Multi-Device option selected from the Devices section in the app.

Q. What if I do not have a smartphone while logging in?

A. After the initial pairing, if you forget your smartphone or do not have a smartphone available, you can email yourself a code to log in.

Q. Can I enter the code and my password in one login screen instead of two different screens?

A. Yes. After initial setup, you can enter your password followed by the 6-digit code in the first login screen to log in.

Q. What if I need to change devices and need to re-pair or re-enter the code into a different mobile device?

A. You can browse to your user profile on HI by typing My Profile on the navigation search bar and clicking multi-factor authentication to get access to the code to re-enter and pair your device.

Q. What should I do if my Authenticator codes are not working (Laptop)?

A. Update the preference on your laptop to set the time automatically in order to generate the correct code.  If the time on your laptop is set manually, it could be more than a few minutes of which will cause the codes to fail.

On the next screen, the app confirms that the time has been synced and you should now be able to use your verification codes to sign in. The sync only affects the internal time of your Authenticator app and does not change the Date & Time settings on your device.

Q. Can I turn it off?

A. No, MFA is mandatory security requirements for all user accounts in HI.

 

For help or questions with MFA for HI, please contact your ServiceNow administrator or ServiceNow Customer Support.   

 

Article Information

Last Updated:2019-05-21 11:59:07
Published:2019-05-20