Skip to main content

Securing your account with MFA

Your Petsoft account holds sensitive information: customer addresses, payment details, pet medical records. Multi-factor authentication adds a second check when you log in, so a stolen password is not enough for someone to access your data.

How it works​

With MFA turned on, you log in with your password as usual. Then the system asks for a six-digit code from an authenticator app on your phone. The code changes every 30 seconds, so even if someone saw it once, it will not work again.

Setting it up​

Go to My Account > Security and click Enable MFA.

You will need an authenticator app. If you do not have one, download one of these:

  • Google Authenticator
  • Microsoft Authenticator
  • Authy

Open the app, tap the plus sign, and scan the QR code that Petsoft shows on your screen. The app will immediately start generating codes for your Petsoft account.

Enter the current six-digit code into Petsoft to confirm the setup. If the code is accepted, MFA is active.

Recovery codes​

During setup, Petsoft gives you a list of recovery codes. These are one-time passwords you can use if you lose your phone or delete the authenticator app.

Save these somewhere safe. Print them and put them in a locked drawer, or save them in a password manager. Do not leave them on your desk or in an unencrypted file on your computer.

Each recovery code works once. After you use one, it is gone. If you run out, you can generate a new list from the security page, which invalidates the old ones.

Logging in with MFA​

After you enter your email and password, Petsoft shows a second screen asking for your code. Open your authenticator app, find the Petsoft entry, and type in the numbers.

If the code does not work, wait for the next one. Codes expire every 30 seconds, and some apps show a countdown timer so you know how much time is left.

What if I lose my phone?​

Use a recovery code. On the MFA screen, click Use Recovery Code instead of entering a six-digit number. Type in one of your saved codes and you will get in.

Once you are logged in, go to the security page and either disable MFA temporarily or set it up again on a new device. If you do not have recovery codes, you will need to contact support and verify your identity to regain access.

Turning MFA off​

You can disable MFA from the security page. You will need to enter a current authenticator code or a recovery code to confirm. This prevents someone who stole your password from turning off your protection.

We recommend leaving MFA on for all admin accounts. If you have staff who share a login, either give them individual accounts or make sure the shared account has MFA enabled and the recovery codes are stored somewhere the whole team can access in an emergency.

MFA setup flow​

Lost device decision tree​

Authenticator app comparison​

FeatureGoogle AuthenticatorMicrosoft AuthenticatorAuthy
Cloud backupNoYesYes
Multi-deviceNoYesYes
Works offlineYesYesYes
Desktop appNoNoYes
Was this page helpful?

Still stuck?

Our team is happy to help. Reach out and we'll get you back on track.