Articles in this section

Using Two-Factor Authentication

Avatar
Jake Crown
  • Updated
Follow
SharpSpring supports and recommends two-factor authentication, as it vastly improves account security. SharpSpring's two-factor authentication works together with applicable authenticator applications to generate a security tokens. When passwords and security tokens are used together, it becomes much more difficult to lose control of an account.

This article will detail how to configure and use two-factor authentication for SharpSpring accounts.


Article Contents

     Available with:    
  Marketing Automation  
  CRM Ultimate    
  CRM PRO    
  CRM Free    
       
  Toolbar:    
01NavSettings.png
       
  Users:    
  Administrators  
  Company Managers  
  Marketing Managers  
  Sales Managers  
  Salespersons  
  Jr. Salespersons  
 


For Administrators: Setting Two-Factor Authentication Requirements

Two-factor authentication security tokens provide additional layer of protection to users' accounts. Administrators can require that all users in their SharpSpring instance use two-factor authentication. Administrators can also remove the requirement as needed.

To set two-factor authentication requirement for an instance, do the following:

  1. Click  12personas.png  User Menu > Settings in SharpSpring's top toolbar.
  2. Click Company Profile, located under My Company in the left panel.
  3. Scroll down to the Security section.
  4. Set the Require Two-Factor Authentication for All Users toggle to either On or Off.
  5. Click Save Settings.
   Click to enlarge.

Once the toggle has been set to On and the settings saved, users who have not already configured two-factor authentication in their accounts will will be prompted to do so prior to signing in.


For Administrators: Resetting User Two-Factor Authentication

In the event that users do not have access to authenticator apps, administrators can reset their two-factor authentication. 

To reset users' two-factor authentication, do the following:

  1. Click  12personas.png  User Menu > Settings in SharpSpring's top toolbar.
  2. Click User Accounts, located under My Company in the left panel.
  3. Locate the desired user.
  4. Click  12more.png  More Options > Reset two-factor authentication.
  5. Click Reset.
   Click to enlarge.
 
Note: Contact SharpSpring Support for assistance with two-factor authentication in the event that users still cannot log in after you have reset their authentication.
 


Opting In to Two-Factor Authentication

If two-factor authentication is not required for your SharpSpring instance, you can still opt in and use two-factor authentication for your account. This way, you are still protecting your account and doing your part to prevent external intrusions.

To opt in to two-factor authentication, do the following:

  1. Click  12personas.png  User Menu > Settings in SharpSpring's top toolbar.
  2. Click My Account, located under My Account in the left panel.
  3. Scroll down to the Security section.
  4. Click Enable.
  5. Ensure that you have an authenticator app on your mobile device.
  6. Do either of the following:

          Scan the QR code into the authenticator app
          Enter the key into the authenticator app
  7. Enter the authenticator app code in the Authentication code field.
  8. Click Enable.
   Click to enlarge.
 
Note: While there are many different authenticator apps available, SharpSpring recommends using Google Authenticator
 


Adding Additional Devices

You can set up multiple devices to be able to log in to the same SharpSpring account. Doing so requires that your account have two-factor authentication enabled.

To add additional devices to a two-factor authentication account, do the following:

  1. Click  12personas.png  User Menu > Settings in SharpSpring's top toolbar.
  2. Click My Account, located under My Account in the left panel.
  3. Scroll down to the Security section.
  4. Click Add Device.
  5. Ensure that you have an authenticator app on your mobile device.
  6. Do either of the following:

          Scan the QR code into the authenticator app
          Enter the key into the authenticator app
  7. Enter the authenticator app code in the Authentication code field.
  8. Click Add Device.
   Click to enlarge.


Disabling Two-Factor Authentication

If you would prefer to rely on what security that passwords alone provide, you can disable previously enabled two-factor authentication. Be aware that, if you intend on reenabling two-factor authentication at a later date, you will need to complete the full authentication process again.

To disable two-factor authentication, do the following:

  1. Click  12personas.png  User Menu > Settings in SharpSpring's top toolbar.
  2. Click My Account, located under My Account in the left panel.
  3. Scroll down to the Security section.
  4. Click Disable two-factor authentication.
  5. Click Disable.
   Click to enlarge.


Printing Backup Codes

Backup codes are preset two-factor codes that exist as a failsafe to let you log in to your account if you do not have access to your mobile device. However, you cannot access them if you are already unable to log in. Because of this, you should print or save the list of backup codes to an external device. That way, you can enter one of the available codes to access your account. 

To print a list of backup codes, do the following:

  1. Click  12personas.png  User Menu > Settings in SharpSpring's top toolbar.
  2. Click My Account, located under My Account in the left panel.
  3. Scroll down to the Security section.
  4. Click View Backup Codes.
  5. Click Print Codes.
  6. Print the codes through your printer.
  7. Click Done.
   Click to enlarge.

Whether you print your backup codes to a .PDF file and save it to your local device or print them off on sheets of paper, it is important that you keep them in a safe place. Be sure to engage in safe and logical information security practices when retaining this list of codes.

 


Using Backup Codes

Backup codes stand in for codes generated by your authenticator app. You can use backup codes as needed when you do not have access to your authenticator app during login. This way, even though you might not have your main device or your authenticator app, your account is still protected by two-factor authentication.

To use a backup code to log in to your account, do the following:

  1. Open a new tab in your web browser.
  2. Navigate to SharpSpring.
  3. Log in to SharpSpring.
  4. Review your list of available backup codes for an unused code.
  5. Enter an unused backup code in the Authentication code field.
  6. Click Sign in to your Account.
   Click to enlarge.

Individual backup codes can be used one time before they cannot be used again. Once a backup code has been used, it will become unavailable in the backup code list and will be grayed out. Once all backup codes have been used, SharpSpring will repopulate the backup code list with new backup codes. This cycle will repeat, so there will always be a set of available backup codes.

However, in the event that you do not have access to your authenticator app or your backup codes, you will need to contact your administrator.

Related articles

×

Why was this help article not helpful?

Still didn't find what you are looking for?