What is it?
Email One Time Passcode, also referred to as Email OTP is a form of Multi-factor Authentication (MFA) applied to Identity Gateway (IDG) accounts. This adds an extra layer of security to protect your account. A one-time passcode is a unique code that is automatically sent to the registered email to verify your account.
How does it work?
- After successfully signing into your account, you will be directed to the “Email Verification” page.
- At this point, an email will automatically be sent to the email address you are trying to sign in with from identity@nihr.ac.uk which is valid for 15 minutes.
- You will need to enter the 6-character code provided in this email into the Email Verification screen and then select authenticate.
When you successfully enter the Email OTP code and press authenticate, a cookie is automatically applied to your Web browser. This cookie will remember your device for 30 days before expiring. Once expired, you will be prompted to enter another Email OTP code when you next sign in.
How often do I need to enter the passcode?
A new passcode will be required for each of the following scenarios:
- Every 30 days, after the previous cookie expires
- Signing in on a new unauthenticated device
- Signing in through a new unauthenticated web browser (includes private windows)
What if I don’t have access to this email?
You will need to update the email address associated with your account to one that can receive emails. Please see the Changing your email address section.
What do I do if I don't receive the email?
If you have not received the email containing a code within 15 minutes, check your Junk/Spam folder. If still unsuccessful, check with your local IT support to check the email is not blocked or held and that identity@nihr.ac.uk is on your safe sender's list.
If your issue persists after attempting the above, see the Further Help Needed section on who to contact for support.
What do I do if I see an error message?
If you are seeing an error message, please try the following:
- Check you are entering the correct code / manually type the code into the provided box, making sure there are no white spaces included
-
Use the “Resend Code” option to receive a new code to authenticate your account
- Note, that using this will automatically invalidate the original and any previous codes (so this can no longer be used), and provide you with a new code
- Close down your browser and then sign back in
An error message will be shown for the following reasons:
- Your code has expired (more than 15 minutes have passed)
- Another new code has been requested (e.g. by another user of a shared account)
- The wrong code has been entered
- 30 minutes have passed and your session has expired
- You have not entered a code
Who do I contact if I have an issue?
Please see the Further Help Needed section