Skip to content

Log In with Multi-Factor Authentication (MFA)

When MFA is enabled on your account, each sign-in needs a second factor in addition to your password. This page explains the verification screen, using an authenticator app or a recovery code, and when you can trust a device for repeat visits. Follow the steps in order the first time you sign in with MFA enabled.

Steps in Logging In

When logging in to your 3 Clicks account with Multi-Factor Authentication (MFA) enabled, follow these steps to ensure secure access:

Quick Check - Before You Start
  • Have your authenticator app or a printed recovery code ready before you begin login.
  • Use the correct 3 Clicks URL and credentials for your organisation.
  • Decide whether this device should be trusted for 30 days only if it is private and policy allows it.

  1. After entering your username and password, you will be redirected to the MFA verification page.

    Multifactor Authentication Verification Page

  2. Enter Verification Code

    • Open your authenticator app (such as Google Authenticator, Microsoft Authenticator, or Authy) and enter the current 6-digit verification code displayed.

      Multifactor Authentication Verification Page

    • If you can't access your authenticator app, you can use one of your recovery codes instead.

      Multifactor Authentication Verification Page

      Note

      Recovery codes are 10 digits long and can only be used once.

  3. If you are using a trusted device, you can select the option "Trust this device for 30 days". This will reduce the frequency of MFA prompts on that device for a specified period.

  4. Access Your Account: Once you have entered the correct verification code, you will gain secure access to your 3 Clicks account.

This process ensures that your account remains secure while providing a smooth user experience.

Troubleshooting

Why is my verification code always invalid?

Typing an expired TOTP code, using the wrong authenticator entry, or device clock drift causes repeated failures.

Steps to resolve:

  1. Enter a freshly generated 6-digit code from the correct 3 Clicks account in your app.
  2. Enable automatic date and time on the device running the authenticator.
  3. Try a recovery code once if the app is unavailable; remember each recovery code is single-use.
Why does Trust this device for 30 days not stick?

Browser privacy modes, clearing cookies, or logging in from a different browser profile resets trust.

Steps to resolve:

  1. Tick Trust this device for 30 days only on a trusted browser profile with cookies allowed.
  2. Avoid incognito or strict tracking protection that clears site data between sessions.
  3. Complete MFA again on each new device or browser you use for work.
When should I use a recovery code instead of the app?

Recovery codes are for when the authenticator app or phone is unavailable; each code works once and is longer than a TOTP code.

Steps to resolve:

  1. On the MFA screen, choose the recovery path if you cannot open the app.
  2. Enter one 10-digit recovery code exactly as stored.
  3. After login, replace used codes or rebind MFA from My Profile > Security per your organisation’s policy.