|SharpSpring supports and recommends two-factor authentication, as it vastly improves account security. SharpSpring's two-factor authentication works together with applicable authenticator applications to generate a security tokens. When passwords and security tokens are used together, it becomes much more difficult to lose control of an account.
This article will detail how to configure and use two-factor authentication for SharpSpring accounts.
For Administrators: Setting Two-Factor Authentication Requirements
Two-factor authentication security tokens provide additional layer of protection to users' accounts. Administrators can require that all users in their SharpSpring instance use two-factor authentication. Administrators can also remove the requirement as needed.
To set two-factor authentication requirement for an instance, do the following:
Once the toggle has been set to On and the settings saved, users who have not already configured two-factor authentication in their accounts will will be prompted to do so prior to signing in.
For Administrators: Resetting User Two-Factor Authentication
In the event that users do not have access to authenticator apps, administrators can reset their two-factor authentication.
To reset users' two-factor authentication, do the following:
|Click to enlarge.|
Note: Contact SharpSpring Support for assistance with two-factor authentication in the event that users still cannot log in after you have reset their authentication.
Opting In to Two-Factor Authentication
If two-factor authentication is not required for your SharpSpring instance, you can still opt in and use two-factor authentication for your account. This way, you are still protecting your account and doing your part to prevent external intrusions.
Types of Two-Factor Authentication
When setting up two-factor authentication you will be prompted to choose one of the following options:
- Okta Verify - Download the Okta Verify app (for Android or Apple) to your mobile device so you can verify your identity by approving a push notification sent to your device.
- Google Authenticator - Download the Google Authenticator app (for Android or Apple) to your mobile device to generate a one-time code for you to enter when logging into your account.
- SMS Authentication - Enter your mobile phone number so you can receive a text message with a one-time code for you to enter when logging into your account.
- Voice Call Authentication - Enter a phone number so that you can receive a phone call with a verbal one-time code for you to enter when logging into your account.
Enabling Two-Factor Authorization
To enable two-factor authentication, do the following:
||Click to enlarge.|
Note: While there are many different authenticator apps available, SharpSpring recommends using Google Authenticator.
Setting up Okta Verify
If you're already using Okta Verify and need help adding a new account, please visit Okta's Support.
Setting up Google Authenticator
If you're already using Google Authenticator and need help adding a new account, please visit Google's Support.
Setting up SMS Authentication
Note: Text and data rates may apply.
Setting up Voice Call Authentication
Disabling Two-Factor Authentication
If you would prefer to rely on what security that passwords alone provide, you can disable previously enabled two-factor authentication. Be aware that, if you intend on reenabling two-factor authentication at a later date, you will need to complete the full authentication process again.
To disable two-factor authentication, do the following:
||Click to enlarge.|