Looking for something specific? Skip ahead:
Security is important, especially for systems that allow access to information about thousands of members. For organization administrators, particularly those with access to organization-wide member data, we strongly recommend enabling two-factor authentication.
With two-factor authentication (2FA), after entering your password you'll be asked to enter an authentication code that verifies that you have possession of your cellphone. Therefore, 2FA adds a second layer of account security because it combines something only you know (your password) with something only you have access to (your phone or a physical token). Instead of an attacker guessing or stealing your password to gain access to the ControlShift tools, they would also need to steal your cellphone.
For users who enabled 2FA before August 2022, we're using Authy to provide two-factor authentication. Authy is a vendor that allows authentication either over SMS or through a native mobile application. Users who enable 2FA starting August 2022 will be able to use their preferred authentication app (including Authy, Google's Authenticator app, Microsoft's Authenticator app, etc.).
How do I enable 2FA?
To enable 2FA, log into your account and click the My Account link in the dropdown menu. Go to the Password & Security option, and there will be a button to Enable Two-Factor Authentication.
After clicking the link, you'll be shown a QR code. Open your chosen authentication app and scan the code. If you're on mobile, you can click to copy the alphanumeric code and paste it into your authentication app instead.
Once you've scanned/entered the code, your app should update to show a 6-digit code. In ControlShift, click to Continue. On this ControlShift page, enter the code and click to Enable.
At this point, we recommend downloading your recovery codes. These codes can be used if you're unable to access your authentication app. Each recovery code can only be used once, and we recommend storing them securely.
When you're done, 2FA will be enabled for your account. Then, whenever you log into your account, you'll be asked for the authentication code, which you can find in your authentication app.
Once an admin has 2FA enabled, their member account listing will also reflect the new setting. You can see which admins have enabled 2FA by going to Settings > Teams & Permissions > Admins. The admins using 2FA will have a checkmark in the second column.
If you need to disable 2FA, return to your account page (from the dropdown menu) and click Remove.
If you have any questions (or if you lose your phone and need assistance unlocking your account), send us a support email to email@example.com.