Contents
Click here for a breakdown of the different chapters in this video.
- 00:06 - Who needs MFA?
- 00:25 - MFA Overview
- 01:05 - New Login Workflow
- 02:48 - Mandatory Activation Details
- 03:45 - Roles & Responsibilities
- 05:04 - Comparison of Authentication Factors
- 06:14 - Setup from Settings
- 07:07 - Turning on MFA for the practice
- 07:59 - Setup From Login Screen
- 08:55 - Planning Tips
- 09:46 - Summary
What is Elation's multi-factor authentication (MFA) feature?
Elation's multi-factor authentication feature requires all users to enter their login email address and password as the first authentication method and at least one additional authentication factor in order to access their Elation EHR account.
Following the cybersecurity guidelines and best practices proposed by the U.S. Department of Health and Human Services in late 2024, Elation now requires all users to enable multi-factor authentication.
Practices will have some time to comply with this requirement before it is strictly enforced. Automatic activation dates will occur throughout the month of June, so look for further communication on your practice's designated deadline.
What are the benefits of using multi-factor authentication with Elation?
Multi-factor authentication significantly lowers the risk of unauthorized access to sensitive patient data, supporting ongoing HIPAA compliance. Multi-factor authentication helps prevent cyber attackers from accessing your account by requiring both your login credentials and a verification factor—something they are unlikely to have, even during phishing attempts.
Who is responsible for enabling multi-factor authentication?
Here’s how responsibilities are divided for enabling multi-factor authentication at your practice:
| Everyone | Admin Level Users |
| --- | --- |
| Each user must set up their own authentication factor(s) under their Account Settings. Set up multiple authentication methods even though only one is required. Choose the authentication methods you are most familiar with that are most suitable for your workflows. | Admin Level Users can maintain the use of multi-factor authentication for the entire practice. After everyone has set up their authentication methods, turn on multi-factor authentication. Reset authentication factors for users who are locked out. If an Admin Level User is unavailable, contact Elation. |
Planning Tips
To streamline enabling multi-factor authentication for your practice, an Admin Level User can do the following:
1 | Send notifications and instructions to your users to let them know you are about to enable multi-factor authentication for the entire practice or that multi-factor authentication is being automatically activated for your practice. |
2 | Host a short hands-on session and have each user set up authentication factors in their individual Elation accounts. |
3 | Once everyone in the practice is ready, turn on multi-factor authentication and make sure everyone is able to log in to their Elation account using multi-factor authentication. |
Comparing authentication factors
Choose from four types of authentication factors for multi-factor authentication. While only one is required, we recommend setting up multiple options so you have a backup if one becomes unavailable.
| Authentication Factor | Verification Method | Use Case | Additional Considerations |
| --- | --- | --- | --- |
| Authenticator App (e.g. Google Authenticator, Windows Authenticator, Authy, etc.). Click here for additional examples. | Enter a code that is generated from a mobile app. | You always carry a mobile device (e.g. your phone) with you. You share computers with other users in your practice. | Default option for most. You must have a smartphone or tablet. You can be locked out if your phone is lost or misplaced. Can be used across devices. |
| Okta Verify | Enter a code that is generated from the Okta Verify mobile app OR send a push notification to the Okta Verify mobile app. | You always carry a mobile device (e.g. your phone) with you. You share computers with other users in your practice. | You must have a smartphone or tablet. You can be locked out if your phone is lost or misplaced. Can be used across devices. Ideal option if your company/business uses Okta to manage the accounts you have access to. |
| Security Key or Biometric Authenticator (e.g. password manager, Touch ID, Face ID, Windows Hello, etc.). Click here for additional examples. | Use a key stored on your computer/laptop OR a biometrics reader that is connected to your computer/laptop. | You access Elation on a single, personal device. | Not suitable if you are working in multiple environments (e.g. home & office) on different devices. Can be more complex to set up. Recommendation: Set up an additional authentication factor in case you need to access Elation on a different device. |
| Email Authentication | Enter a code sent to your login email address. | You are unable to use other authentication factors. | Least secure. You can only set up Email Authentication when setting up authentication factors for the first time through the login screen workflow. If you are using Email Authentication as a backup, set up Email Authentication first. Verification code email can be blocked by IT or spam filters. |
Setting up your own authentication factors

Each user in your practice should set up authentication factors before multi-factor authentication gets activated or becomes mandatory.
1 | Go to Settings -> Account Details. |
2 | Click Setup to open the setup menu. |
3 | Choose your authentication factor & click Setup. |
4 | Follow the on-screen prompts to complete setup. Click here for step-by-step instructions. |
Turning on multi-factor authentication for the entire practice
If all users have set up their authentication factors and you’d like to enable multi-factor authentication before Elation activates it automatically, an Admin Level User can turn it on early by going to Settings -> Security & Privacy and clicking Turn on under Multi-factor Authentication.

Signing in with multi-factor authentication
After multi-factor authentication is turned on, each time you log in to your Elation EHR account, you will be prompted to enter your login email address, password, and your authentication factor before you are granted access to your account.
- If you have multiple authentication factors, click the ⏷ button to select the authentication factor you want to use.
- Check the "Do not challenge me on this device for the next 24 hours" box on the authentication screen if you want to bypass multi-factor authentication while logging in and out of Elation for the next 24 hours.

Click here for more information about signing in.
Resetting authentication factors (if locked out)
If you find yourself locked out, ask an Admin Level User in your practice to reset your authentication factors for you by clicking Reset Multi-factor next to your name in the Manage Accounts settings page. If you are the sole administrator of an Elation practice, click here to contact the Support Team. We will send you an email to verify your identity and reset your authentication factor(s) on your behalf.
