To enhance security and reduce the risk of unauthorized access, Retail 360 Mobile supports multifactor authentication (MFA, also known as two-factor authentication or 2FA). It provides an extra layer of protection beyond traditional passwords, making it more difficult for unauthorized users to gain access to the system, even if they obtain email and password.
By default, multifactor authentication is not enabled for existing accounts. To activate it, submit a support ticket through the Petrosoft AI Assistant.
MFA requires users to provide a one-time passcode (OTP) as a second authentication factor after signing in with their email and password. The OTP is generated through an authentication app installed on the user's mobile device.
Supported MFA apps
Retail 360 Mobile supports all authentication apps capable of generating time-based OTP, including:
- Google Authenticator (Android, iOS)
- Microsoft Authenticator (Android, iOS)
- FreeOTP (Android, iOS)
- Authy (Android, iOS, Windows, macOS, Linux)
- LastPass Authenticator (Android, iOS)
- Duo Mobile (Android, iOS)
For better security, do not install the MFA app on the same device as Retail 360 Mobile. This reduces the risk of both your credentials and MFA codes being compromised if the device is lost or stolen.
OTP codes are time-based, so it is essential to enable automatic time updates on your MFA device. If the device's time is out of sync, the authentication app may generate an incorrect OTP, resulting in login failures.
Signing in with MFA
- Enter your email and password and swipe up Continue to log into the Retail 360 Mobile.
- Open your preferred MFA app and scan the QR code displayed on the screen. If you are unable to scan the QR code due to camera issues or other limitations, manually enter the activation code shown below the QR code.
- Open the linked account in the MFA app and note the 6-digit OTP code. The code may be displayed with spaces for readability, but when entering it in the verification field (see step 4), make sure there are no spaces between the digits.
- Enter the OTP code from the app (without spaces) in the One-time code field and confirm it by swiping up the Continue.
Scanning the QR code automatically links your MFA app to your account. Once the app is linked, you will no longer be prompted to scan the QR code for future logins.
Only one MFA app can be linked to a user account at a time. If you lose your MFA device or accidentally remove the app, disconnect it from your account and set up MFA again with a new app. For detailed instructions, refer to Disconnecting and re-linking the MFA app below.
One-time codes used in MFA are valid for a short period (typically 30 seconds.) This short validity helps protect against attacks and unauthorized access.
The expiration countdown is usually displayed near the code. Always use the most recent code from the app.
Disconnecting and re-linking the MFA app
Only one MFA app can be linked to a user account at a time. If you lose your MFA device or accidentally remove the app, submit a support ticket through the Petrosoft AI Assistant to request the app be disconnected from your account.
Once the old app is disconnected, install the new MFA app on your device and re-link it to your account by scanning the QR code as described earlier.
Resetting the password
The linked MFA app will continue to function after you change the password in Retail 360 Mobile.
Simply sign in with the new password and enter the OTP code from the app in the Retail 360 Mobile authentication form.
Disabling MFA
To disable multifactor authentication for your account, submit a support ticket through the Petrosoft AI Assistant.
