Previous Page

Multi-factor authentication

Multi-factor authentication (MFA) is a security process that uses at least two methods of verifying the identity of people accessing digital information.

Legal Aid NSW has implemented MFA to reduce the risk of unauthorised access to sensitive client data in our external systems. Users will need to enter an SMS code as well as their username and password when logging into Grants Online, the Panels Application website, our Learning Management System and the WDVCAP Database.

Still need help? Call the Legal Aid NSW Service Desk on (02) 9219 5999 or email: servicedesk@legalaid.nsw.gov.au

 

    After entering your username and password, a One Time Passcode (OTP) is sent to your registered mobile phone number by SMS. When you enter the code into the login screen correctly, you’ll be logged into the system as usual.

    See the following tip sheets for more detailed instructions:

    Tip sheet – MFA for Grants Online
    Tip sheet – MFA for Panels
    Tip sheet – MFA for LMS
    Tip sheet – MFA for WDVCAP

    Legal Aid NSW needs to reduce the risk of unauthorised access to sensitive client data in our external systems. The use of MFA will add an extra layer of protection in case usernames or passwords have been compromised in some way. This is particularly important due to the prevalence of threats such as malware, email phishing and insecure password practices.

    OTP is an abbreviation for One Time Passcode.  This is the six digit number that is sent to your phone by SMS in order to verify your identity as you’re logging in.

    You’ll have about five minutes to enter the passcode after the SMS is sent to your phone. If you miss the One Time Passcode (OTP) you can request another one by clicking on Resend OTP. If you’re timed out you’ll be taken back to the login screen to start again.

    A message on screen will let you know if you’ve entered the code incorrectly.  You can try again if you’ve made a mistake, or just request a new One Time Passcode (OTP) by clicking Resend OTP.

    If you haven’t entered the One Time Passcode (OTP) correctly and you’ve requested a new OTP two or three times, you’ll be taken back to the login screen.  Start again with your username and password and be sure to enter the passcode correctly when you receive it.

    If you don’t see an SMS with the passcode on your mobile phone, you can try requesting a new One Time Passcode (OTP).

    If you’ve used Resend OTP but still haven’t received your passcode:

    1. Check whether the settings on your phone are blocking or filtering messages from unknown senders. See these instructions for blocking and unblocking unknown numbers in Android or filtering with iPhones.
    2. If the SMS has not been blocked or filtered to a spam folder, it’s possible that we don’t have your correct mobile phone number recorded. Use the following instructions depending upon which system you’re trying to access.


    Grants Online users: Ask your firm administrator to check your details on Grants Online and update the information if necessary. If you don’t have an administrator who can access your details, contact the Legal Aid NSW Service Desk for help.

    Learning Management System users: Contact the Legal Aid NSW Service Desk to add or update your mobile phone number.

    WDVCAP Database users: Contact the Legal Aid NSW Service Desk to update your mobile phone number.

    To make it easier for users who log in frequently during the day, we don’t require MFA for repeated logins within a short time period.  If you haven’t logged in for several hours, you’ll need to reauthenticate with a passcode.

    You must have your registered mobile phone with you whenever you’re logging in to a Legal Aid NSW system, otherwise you won’t be able to access and enter the One Time Passcode.  If you’re using a different phone you’ll need to update your Grants Online details to record the new number.

    If you’re unable to log in and don’t have an administrator who can change your details, or if you’re not a Grants Online user, please email the Legal Aid NSW Service Desk for assistance.

    You must have access to your registered mobile phone number to log in to a Legal Aid NSW system, regardless of your location. Otherwise you won’t be able to receive and enter the One Time Passcode (OTP).  Our MFA system cannot send OTPs to overseas mobile numbers, nor can we send the OTP to other services such as WhatsApp.

    If using an overseas mobile phone service, we suggest that you install the SIM for your usual registered phone temporarily so you can receive the OTP SMS.

    Grants Online users: 
    Update your details in Grants Online. If you can’t access the system to do this, ask your firm administrator to make the changes.  If you don’t have an administrator who can access your details, contact the Legal Aid NSW Service Desk for help.

    Learning Management System and WDVCAP Database users:  
    Contact the Legal Aid NSW Service Desk to update your mobile phone number.

    You must have your own mobile phone number recorded in your details. You’ll need access to that phone whenever you’re logging in to a Legal Aid NSW system.

    You won’t be able to access Legal Aid NSW systems without receiving a passcode via SMS.  Please contact the Legal Aid NSW Service Desk to discuss your situation.

    Sharing login details is not allowed.  It is a breach of the Terms and conditions of use of Grants Online. Each user must have their own individual registration. Ask your firm’s Grants Online administrator to contact the Legal Aid NSW Service Desk to arrange your registration, or contact the Service Desk yourself.