Two-factor Authentication

By Cory LaViska on April 28, 2021

Now you can add an extra layer of security to your account by enabling two-factor authentication. This can be turned on for any individual account or, as an admin, you can require it for all your users.

What is two-factor authentication?

Two-factor authentication adds an extra layer of security to your account. Rather than relying only on a username and password, you can connect a device (usually a smartphone) with a special app that provides a secret, time-based token. This token will be required every time you log in.

This means that, even if your username and password were compromised, an attacker would not be able to access your account because they don't have access to your device.

How do I enable it?

Starting today, all users can enable two-factor authentication from their Profile page. To enable this feature, you will need a device such as a smartphone and an authenticator app. Here are some popular, free authenticator apps that work on both iOS and Android.

From the Profile page, select Authentication > Enable Two-factor Authentication. You will need to scan a QR code and verify the token shown by your authenticator app to finish setting it up.
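For readers curious about what happens behind the QR scan and token check, here is a server-side sketch, added as an example and not the CMS's own code. It assumes the feature follows the common TOTP standard (RFC 6238) and the otpauth:// key URI format, neither of which this post names; all function names are hypothetical.

```python
import base64, hashlib, hmac, secrets, struct
from urllib.parse import quote

STEP, DIGITS = 30, 6                      # RFC 6238 defaults used by most apps
RFC_TEST_KEY = b"12345678901234567890"    # published RFC 6238 test key, never a real secret


def new_secret() -> bytes:
    """Per-user shared secret, generated once at enrollment (160 bits)."""
    return secrets.token_bytes(20)


def totp(secret: bytes, for_time: float) -> str:
    """Code for the 30-second step containing for_time (HMAC-SHA1 variant)."""
    counter = struct.pack(">Q", int(for_time) // STEP)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F               # dynamic truncation from RFC 4226
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)


def provisioning_uri(secret: bytes, account: str, issuer: str) -> str:
    """The text the enrollment QR code encodes for the authenticator app."""
    b32 = base64.b32encode(secret).decode().rstrip("=")
    label = quote(f"{issuer}:{account}")
    return (f"otpauth://totp/{label}?secret={b32}"
            f"&issuer={quote(issuer)}&period={STEP}&digits={DIGITS}")


def verify(secret: bytes, submitted: str, now: float,
           last_used_step: int = -1, window: int = 1):
    """Return the matched time step, or None if the code is rejected.

    Tolerates +/- `window` steps of clock drift, compares in constant time,
    and rejects any step at or before `last_used_step` so an observed code
    cannot be replayed. The caller persists the returned step per user.
    """
    current = int(now) // STEP
    for step_no in range(current - window, current + window + 1):
        if step_no <= last_used_step:
            continue
        expected = totp(secret, step_no * STEP).encode()
        if hmac.compare_digest(expected, str(submitted).encode()):
            return step_no
    return None
```

Enrollment is only complete once verify() accepts a code from the app, which is why the setup flow asks for a token after the scan.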

What if I lose my device?

Once two-factor authentication is set up, you will be shown a recovery code. You must store this code securely (e.g. using a password manager). If you lose your device or delete your authenticator app, you will need this code to restore access to your account.

How do I disable it?

You can disable two-factor authentication from the Profile page.

Requiring two-factor auth for all users

Many organizations are requiring additional security for their Internet-based accounts. Two-factor authentication is a common solution, but it's only effective when users turn it on. As an administrator, you can choose to require two-factor authentication for all your users.

To enable this, go to Settings > Advanced > Require Two-factor Authentication.

Once this is enabled, all your users will be required to enable two-factor authentication before they can continue accessing their account. The CMS will walk them through the setup process the next time they log in.