The ClaimPower EMR supports multi-factor authentication for all users through industry-recognized standards. MFA is required at login for all user accounts without exception.
The system implements time-based one-time passwords (TOTP) following RFC 6238 standards, compatible with standard authenticator applications including Google Authenticator, Microsoft Authenticator, Authy, and other TOTP-compliant apps.
Users must provide both their password (something they know) and a time-sensitive code from their registered authenticator app (something they have) to complete authentication. MFA enrollment is mandatory during initial account setup and cannot be disabled by users or administrators.