Login security with 2 Step Authentication (aka TFA, 2FT, MFA)

Owned by Wendy Jean
Last updated: Nov 06, 2023 by Cody Thomas

Various Names for two-factor or 2 step authentication:
2FA & TFA - Two-Factor Authentication
MFA - Multi-Factor Authentication
2 Factor Verification
2 Step Verification
Duo Verification

To enable your 2-step authentication go to your profile settings.  Click on your name in the upper right corner and select profile.  Select the "security tab" and then check the 2-Step Authentication box.  You must have a mobile number assigned to your account. If you do not have one assigned you will receive an error message.

To disable 2 Step Authentication just un-check the box.

To assign a mobile number, while still in your profile setting, click on the “Personal Information” tab. Enter your mobile number in the box that says “Mobile”. Note: If you do not want your mobile number to be public or to show on your virtual business card https://botdoc.atlassian.net/wiki/x/JwBB then the box below that says: Show this Mobile phone in personal card on completed Requests and Personal URL. (do not check)

This is the login screen that will pop up when you have your 2-factor authentication enabled.

NOTE: EXPIRES in 60 seconds AND you have the option to RESEND code to your mobile or RESEND to your email. Code = 6 characters (alpha and numeric or numeric only)

*Sometimes mobile carriers will delay their sends to you (which doesn't happen often) but if it does you have the option of sending to email for quick code.

If your code has expired you will have the option of requesting another code which will last 60 seconds.

If you entered your CODE incorrectly 2 times, you will see the “I'm not a robot” ReCAPTCHA box and you must check the box.

*Global team setting

In addition, we have a *global team setting (which can be found as a Team Owner under “Edit Your Team Configuration”) that allows you to force every user to have a Two-Step Authentication set for login.

If a user does not have their mobile number set up, It will ask for it after their credentials are input during their next login attempt.

FULL VIEW CLICK HERE