Multi-factor authentication (MFA) is widely used by businesses and continues to be one of the simplest and most secure ways to access your work online. Lightspeed uses MFA to add an extra layer of security to a user's account to prevent unauthorized access. Using MFA reduces the risk of fraud and identity theft and protects businesses from attacks that may compromise data.

MFA requires the user to input their existing password. Then, with a second authentication factor enabled, they will enter a time-based, one-time (OTP), six-digit passcode generated by an authorized third-party authentication application. This passcode will expire after 30 seconds.

Recommended authenticator apps

We recommend using Google Authenticator, Microsoft Authenticator, or OneLogin Protect.

Setting up MFA for users

Each user will need to enable MFA for their account. MFA cannot be enabled by location or by business.

1. Log in to the Back Office with your Lightspeed Restaurant credentials.
2. Click your name in the top-right corner and select My account.

3. Click Configure MFA.

   

4. Click Enable.

   

5. Download a supported authenticator app on your mobile device and click Continue in the Enable app authentication pop-up.

   

6. In the authenticator app, scan the QR code to pair your mobile device. Enter the code provided by the authenticator app.

   Lightspeed cannot restore access to accounts with two-factor authentication enabled. Ensure your codes are saved in a safe place to avoid locking yourself out of your account.

7. Click Pair device.

   

8. Click I saved my codes.

   

Once setup has been completed, authenticator details and factors can be accessed by clicking your name > My account > Configure MFA.

Logging in to Lightspeed products with MFA

Once MFA has been set up, users can log in with the authentication code found in the chosen authenticator app.

1. Log in to the Back Office with your Lightspeed Restaurant credentials.

   

2. Open your chosen authenticator app. In this example, we’re using OneLogin Protect.

   

3. Enter the 6-digit code displayed in the authenticator app. This may automatically copy on your mobile device, depending on your personal settings.

   

4. (Optional) Select the checkbox next to Remember me on this device for 30 days to skip the MFA process for the next 30 days.
5. Click Log in.

Using recovery codes with MFA

Recovery codes are the primary resource for account recovery should an account holder lose access to their authorized device or the authentication app. The first avenue for recovering an account with two-factor authentication enabled is using the recovery codes you saved during the setup process. Ensure these are saved in a secure location that can be accessed by only the account holder.

There are 3 codes in total, and each can be used only once. Once a code is used, it becomes invalid and you'll need to use another code on the list next time. When they’re all used, you can click the link in MFA settings to generate new codes.

Pausing an authentication factor

If you want to stop using an authenticator app temporarily, you can pause it in the MFA settings page. You will need to first log in using an authentication code or with a recovery code.

1. Log in to the Back Office with your Lightspeed Restaurant credentials.
2. Click your name in the top-right corner and select My account.

3. Click Configure MFA.

   

4. Click Pause for the authentication app you wish to pause.

Removing an authentication factor

If you lose access to your authenticator app, you can remove an authentication factor in the MFA settings page. You will need to first log in using an authentication code or with a recovery code.

1. Log in to the Back Office with your Lightspeed Restaurant credentials.
2. Click your name in the top-right corner and select My account.

3. Click Configure MFA.

   

4. Click the trash icon for the authentication app you wish to remove.

   

5. Click Remove.

   

What's next?