🛡️Verification is an essential step in online relationships with users.
This article will help you understand the importance of secured data and how you can be safe within smrtPhone by enabling Two-Factor Authentication.
Why do you need Two-Factor Authentication?
Two-factor authentication (also referred to as dual-factor authentication, two-step authentication, or 2FA) is a security process in which users provide two different authentication factors to verify themselves.
This is an extra security layer for your account and your business. Soon, it will be mandatory for all smrtPhone accounts; right now, it is an optional setting that we strongly encourage.
Two-factor authentication (2FA) is an important verification step for you and your users' online security. Even a strong passcode or access key code can be compromised, and 2FA provides a second layer of security.
Using a second way of verifying yourself increases the chances of having a well-protected account and workspace.
How does Two-Factor Authentication Work?
Two-Factor Authentication option requires a non-smrtPhone mobile phone number or an Authy/Google Authenticator App.
To get verified, access your Account Menu > My Account from the smrtPhone Dashboard (upper right).
Authy / Google Authenticator App
You can use the Authy / Google Authenticator App to verify yourself. The process is the same, whether you choose an SMS code or the Authy / Google Authenticator App.
Press the Start Setup button, and you can start the 2FA customization.
At this moment, you can either scan the QR code via a mobile app or copy-paste the code provided and continue with the authentication this way.
Once you get your code, hit the Continue blue button and proceed to insert the received code. Then press Verify and your account is set.
Phone number verification
In the Two-Factor Authentication section, if you choose to verify yourself via SMS, use the second option. Click the Click Here button and proceed. Add your phone number, and choose SMS to receive a code every time you need to authenticate.
Press Continue and proceed to enter your personal phone number, which you want to be used for SMS verification.
Within seconds, you will receive a code on your phone, ready to be inserted into the verification box. Type it in and click Verify.
Once you press the Verify Action button, you will be provided with several recovery codes. You cannot move on without hitting the Copy button.
Before pressing the Complete action button, we strongly recommend pasting those recovery codes you just copied for yourself and saving them before moving on.
⚡Keep these recovery codes in a safe place, as a backup recovery option for your account. Once you use one of these 10 recovery codes, that particular one becomes inactive, but you still have the others in case of need.
Switch between methods of verification
You can also choose to modify your method of authentication from SMS to Authy or the Google Authenticator App, or the other way around. In this case, you will select the first option and click on Change Method.
If you switch from SMS to Authy and back to SMS, the system will remember the previous phone number you entered. In case you want to change that number, you need to restart the procedure: hit Disable 2FA, then Enable, and insert the new phone number that you want to use.
How does Two-Factor Authentication Offer you Better Protection?
Two-Factor Authentication option offers you better protection primarily through the way this verification can be done:
Via SMS code directly on your personal/non-smrtPhone number
Via the Authy/ Google Authenticator App.
Verification will be required for all smrtPhone access points: Web App, Mobile App, and the Chrome Dialer (your web app and Chrome extension will sync though, so this will be required once)
The token is available for 60 days to be used on any device you choose to log in to
Along with the recommendation to not reuse passwords across multiple sites, and regularly change passwords and codes, using 2FA is an extra security measure and offers you an additional layer of protection.
Setting Two-Factor Authentication for Your Account (Account Owners)
As an Account Owner, you can protect your business by enforcing authentication on all users' accounts.
To proceed, you need to access your smrtPhone Admin Dashboard > Account Settings > Two-Factor Authentication tab.
By toggling Enforce Two-Factor Authentication, you can implement this security feature for all the users of your account.
If Two-Factor Authentication is enforced, all users will need to comply and enable one of the two methods of verification implied by the system. If a user has access to multiple accounts, as long as one requires 2FA, the user will need to set it up. (You log into smrtPhone before you select which account, so the requirement lives at the user level at that point.)
⚡Only Account Owners can enforce this feature, only they can enable or disable it for the entire account.
However, if you decide not to enforce it, your users will have the option to enable or disable it at will.
If you choose to disable 2FA while it remains an optional security measure, click on the option to disable it and confirm this action.
You can also update the method and change the way you receive the authentication code or the phone number. (see above)
