Two-factor authentication (2FA) login journey in Mews

Two-factor authentication (2FA) in Mews means signing into your Mews account in two steps; first with your login password and then with a link sent via email or with a code from an authenticator app. This adds an extra layer of security to your Mews property account. As a security best practice, Mews enforces 2FA as mandatory for all Mews accounts.  

 

This article explains the 2FA login journey in Mews, so you can set up 2FA for your user account when you join Mews, or as an existing user. 

 

Note:

  • All users need to set up two-factor authentication (2FA) to log in and use Mews unless they are added to a 2FA exception list by an admin with Reset 2FA permission. Learn more about managing 2FA exception lists here
  • Mews recommends 2FA verification via email as the most secure method of authentication. 
  • The Mews 2FA login screen automatically adjusts to match your browser’s language settings. If your browser language is other than the 5 core languages of Dutch, English, French, German or Spanish, the screen defaults to English. 

 

You can see the authentication status of your users by going to the main menu menu icon  > Settings > Users, in the Authentication column as below: 

user screen - authentication column

 

You can learn more about securing your Mews Operations user accounts here.

 

In this article, you can learn about the: 

 

2FA login journey 

The 2FA login journey is slightly different between new and existing users. 

 

  • New users: Receive a welcome email containing an invitation link to configure their account credentials. They can use this link to set up a 2FA method to be able to use their account.     
  • Existing users: After logging in with their existing username and password, now need to set up a 2FA method to continue using their account.   

 

You can learn about the 2FA login journey for new users and for existing users below.  

 

2FA login journey for new users 

Mews Operations sends your new users a welcome email notifying them that they have a new user account in Mews. The link contains a sign-in token linked to their email address. Once you enable the mandatory 2FA, they also need to set up a two-factor authentication method when logging in for the first time.   
 
Note:   

  • If a new user does not receive their welcome email within 10 minutes after creating their new account, they need to: 
    1. Go to the Mews login page.
    2. Click on the Forgot password link and type in the email address used for their Mews account. 
    3. Follow instructions to reset password. 
  • Mews Operations does not send the welcome email if the email address you assign to the new user already exists in the system. This is because the system does not recognize that it belongs to a new user.  

  

Your new users go through the following journey the first time they login to Mews.  
 
Once they receive the signup invitation email, they:  

  1. Click on the invitation link.  

  

A screenshot of a emailDescription automatically generated

 

  1. In the Mews password setup page that opens, users then:   

  

A screenshot of a login formDescription automatically generated

 

    1. Enter and confirm a new password. 
    2. Agree to the Mews Terms and Conditions.  
    3. Click Save.  
  1. The next screen that opens is the Mews login page. The user fills in their login credentials and clicks Sign in.  

  

A screenshot of a login formDescription automatically generated

 

  1. A successful sign in opens the Activate two-factor authentication screen.  

 

Using email  

Users can receive an email with a link or code which they can use to access Mews. If a user logs in from a web browser, they receive a link. If they log in via the Mews mobile app, they receive a login code. 

 

When a user logs in from a web browser:

  1. Under Authentication method, users click the Email option. Then they click Next.  

 

A screenshot of a computerDescription automatically generated

 

  1. Mews displays the Check your email screen and sends the user an email with a link.  

 

A screenshot of a computerDescription automatically generated

 

  1. The user opens the email and clicks on the link to access Mews.  

A screenshot of a computerDescription automatically generated

  1. The system opens the Mews Dashboard.  

 

When a user logs in using the Mews mobile app:

  1. Under Authentication method, users tap the Email option. Then they tap Next.  

 

A screenshot of a computerDescription automatically generated

 

  1. Mews displays the Verify your email screen and sends the user an email with a code.  

 

A screenshot of a computerDescription automatically generated

 

  1. The user opens the email and makes a note of the code.  

 

A screenshot of a computerDescription automatically generated

 

  1. The user types the code into the Verify your email screen, and taps Verify.

 

A screenshot of a computerDescription automatically generated

 

  1. The system opens the Mews Dashboard.  

 

This fully authenticates the user and ensures enhanced security of their Mews account.   

   

Note: Unless you or your system admin adds them to a two-factor authentication (2FA) exception list, users cannot login to and use Mews until they complete their two-factor authentication. You can learn more about 2FA exception lists here.      

 

Whenever the user enters their login credentials in the Mews Operations login page, the system prompts them to verify their identity using either an authentication link or code via email, or a code from their 2FA device. To secure the user account without logging out and in again, users can quick lock their account. You can learn more about this here.

 

Using an authenticator app 

Users can use an app to generate an authentication code to enter when they log in.  

  1. Under Authentication method, users click the Authenticator app option. Then they click Next
  2. Mews then prompts users to download an authenticator app or scan a QR code. 

 

A screenshot of a login pageDescription automatically generated

 

    1. If users need to download the authenticator app, they can do so from the page itself. 
    2. To generate the code necessary for authentication, they open the authenticator app and scan the QR code.  
    3. They input the Authentication code, followed by their Mews Operations account password. Click Enable.  

 

This enables two-factor authentication for their user account, and the system displays recovery codes.  

 

Important: Users need to copy and save the backup codes in a secure place. They can use them to sign into their account in case of emergencies, such as if they lose their phone.   

  

A screenshot of a backup codeDescription automatically generated

 

This fully authenticates the user and ensures enhanced security of their Mews account.   
 
Note: Unless you or your system admin adds them to a two-factor authentication (2FA) exception list, users cannot login to and use Mews until they complete their two-factor authentication. You can learn more about 2FA exception lists here.

 

For subsequent logins, once the user enters their login credentials in the Mews Operations login page, the system prompts them to verify their identity using the authentication code that the authenticator app generates. 

 

 

2FA login journey for existing users 

Once you enforce 2FA for your users, existing users need to set up authentication for their user account while logging in, unless they have 2FA.   
 
When your existing users open the Mews Operations login page, they set up 2FA on their account by completing the following:  

  1. Navigate to the Mews Sign in page.
  2. Enter their login credentials and click Sign in.    

 

A screenshot of a login formDescription automatically generated

 
A successful sign-in opens the Activate two-factor authentication screen. 

 

Using email    

Users can receive an email with a link or code which they can use to access Mews. If a user logs in from a web browser, they receive a link. If they log in via the Mews mobile app, they receive a login code.

 

When a user logs in from a web browser:

  1. Under Authentication method, users click the Email option. Then they click Next.  

 

A screenshot of a computerDescription automatically generated

 

  1. Mews displays the Check your email screen and sends the user an email with a link.  

 

A screenshot of a computerDescription automatically generated

 

  1. The user opens the email and clicks on the link to access Mews.  

A screenshot of a computerDescription automatically generated

  1. The system opens the Mews Dashboard.  

 

When a user logs in using the Mews mobile app:

  1. Under Authentication method, users click the Email option. Then they click Next.  

 

A screenshot of a computerDescription automatically generated

 

  1. Mews displays the Verify your email screen and sends the user an email with a code.  

 

A screenshot of a computerDescription automatically generated

 

  1. The user opens the email and makes a note of the code.  

 

A screenshot of a computerDescription automatically generated

 

  1. The user types the code into the Verify your email screen, and taps Verify.

 

A screenshot of a computerDescription automatically generated

 

  1. The system opens the Mews Dashboard.  

  

This fully authenticates the user and ensures enhanced security of their Mews account.   

   

Note: Unless you or your system admin adds them to a two-factor authentication (2FA) exception list, users cannot login to and use Mews until they complete their two-factor authentication. You can learn more about 2FA exception lists here.

   

Whenever the user enters their login credentials in the Mews Operations login page, the system prompts them to verify their identity using the authentication link delivered via email. 

 

 

Using an authenticator app 

Users can use an app to generate an authentication code to enter when they log in.  

 

  1. Under Authentication method, users click the Authenticator app option. Then they click Next
  2. Mews then prompts users to download an authenticator app or scan a QR code. 

 

A screenshot of a qr codeDescription automatically generated

 

    1. If users need to download the authenticator app, they can do so from Google Play or the Apple App Store.
    2. To generate the code necessary for authentication, they open the authenticator app and scan the QR code displayed on screen.  
    3. Enter the 6-digit Authentication code generated in the app, then enter their Mews Operations account password.    
    4. Click Enable.  

This enables two-factor authentication, and the system displays recovery codes which you copy and the user saves them in a secure place.  

A screenshot of a backup codeDescription automatically generated
               

  1. Click Done

The user is now fully authenticated and can access and use the Mews platform.  
 
Whenever the user enters their login credentials in the Mews Operations login page, the system prompts them to verify their identity using the authentication code that the authenticator app generates. 

A screenshot of a identity loginDescription automatically generated

The user is now logged in to the Mews Operations platform and can operate the system.  

 
Note: Users can also enter a backup code at this step if they have lost access to their 2FA app.

 

You can learn more about securing your Mews Operations user accounts here

 

Was this article helpful?
00



Feedback