Securing Your Account with MFA

Overview

Multi-factor authentication (MFA) adds a second step to logging in, so that even if someone has your password they cannot access MyApprentice without your second factor. MyApprentice requires MFA before you can add users, upload supplier invoices, or connect Xero and Stripe.

Who uses this feature

All users can set up MFA. Business Owners and Supervisors are re-verified more frequently because their permissions are more powerful.

When to use this feature

• During your first sign-in, when MyApprentice prompts you to Secure Your Account.
• Any time you change phones or devices, so you can register a new method or remove an old one.
• After losing access to your previous MFA device.

What you can do with this feature

• Set up a passkey (recommended on most devices).
• Set up an authenticator app.
• Set up phone approval.
• Rename or remove a registered MFA device.
• Recover access if your MFA device is lost.

How the feature works

Find MFA settings

1. Select the gear icon (⚙) in the top-right corner of the header.
2. Select the Security tab on the Customisation page.

Set up the iOS app code (Recommended)

1. On the Security tab, open your iPhone camera and scan the QR code shown on screen.
2. The App Store opens to the MyApprentice app — install it and open the app.
3. Sign in with the same credentials you used at sign-up.
4. The app displays a 4-digit code. Enter the 4-digit code into the field on the right of the Security tab to verify the two devices.

Set up a passkey (alternative)

1. Select Set up Passkey.
2. Follow the on-screen prompt to create a passkey using fingerprint, Face ID, or device PIN.
3. The passkey appears in your registered passkeys list. You can add more than one passkey for different devices.

Set up an authenticator app

1. Select Setup authenticator app.
2. Open your authenticator app (for example Google Authenticator, Microsoft Authenticator, or Authy) and scan the QR code.
3. Enter the 6-digit code from the authenticator app to confirm setup.
4. Save the backup codes in a secure location.

Set up phone approval

1. Select Phone approval.
2. Follow the prompts to link your mobile device.

Remove or rename a registered device

1. Open the gear icon → Security tab.
2. Find the MFA method showing My device underneath it.
3. Select Remove to deregister, or Rename to change the device label.

Recover access after losing your MFA device

1. Open the MyApprentice sign-in screen and select Forgot your password.
2. Follow the email reset link and set a new password.
3. Sign back in — MyApprentice will prompt you to set up MFA on the new device. The old device is not needed.

Role-specific notes

• All roles: can set up and manage their own MFA from the Customisation > Security tab.
• Business Owner: cannot directly reset another user’s MFA. Ask the affected team member to use Forgot your password on the sign-in screen — that flow re-enrols MFA on the next login.

Related workflows

• Setting Up Your MyApprentice Account
• Signing in with Google, Microsoft, or Apple
• Managing Users, Roles, and Seats
• Capturing Supplier Invoices (requires MFA)
• Connecting and Using Xero (requires MFA)
• Connecting Stripe for Online Payments (requires MFA)

Important notes

• MFA is required to add users, upload supplier invoices, and connect Xero or Stripe — these features stay locked until you complete MFA setup.
• For authenticator codes, your device clock must be correct because the codes are time-sensitive.