In the face of escalating cyber threats, it's vital for organizations to prioritize robust security measures to safeguard user accounts. While NotifyVisitors is a highly secured customer data platform, we have introduced another security measure to increase the security of your data via two-factor authentication for account login.

Two-factor authentication (2FA) is a crucial security feature that adds an extra layer of protection to account login processes by requiring users to verify their identity through two distinct methods—typically a password and a second factor like a one-time code sent to your email address. This additional step significantly enhances security, even if passwords are compromised, and protects against common cyber threats like phishing and identity theft. 

Enable two-factor authentication for login 

Enabling Two-Factor Authentication (2FA) for NotifyVisitors account login is a straightforward process. Begin by navigating to the Organization section of your NotifyVisitors dashboard and select the account access tab.  

Here, within the users tab scroll down to the “Two-Factor Authentication Setup” section and click on “Enable” to start the setup process.

Once you click on the enable button, you will be prompted to enter a one-time password (OTP) sent to your registered email address. This OTP will only be valid for 15 minutes.

To proceed, please enter the OTP and hit the confirm button. Once confirmed, you'll get a backup code for emergency access. Keep in mind that this backup code will only appear once and cannot be retrieved later, so be sure to copy it down and keep it safe. It's very important to store this backup code securely, as it provides an alternative way to access your account if you encounter problems with receiving the OTP or if you get locked out.

After securely storing the backup code, you can simply click on “Finish Setup” to complete the process. This action signifies the successful activation of 2FA for your NotifyVisitors account, ensuring enhanced security for all future logins.

From now on, subsequent login attempts will require users to enter the password along with either the OTP received via email or the backup code. 

This dual authentication mechanism adds an extra layer of defense against unauthorized access attempts, bolstering account security.

Two-factor email verification for sub-account login

When a user logs in from a sub-account, NotifyVisitors will verify whether two-factor authentication is activated on the main account associated with the original email address. If it is, an OTP will be dispatched to the email address of the user's sub-account.

For instance, as illustrated in the image, NotifyVisitors will confirm if 2FA is enabled for [email protected]. If it is, the OTP will be sent to [email protected].

This process enhances security for sub-account users, allowing them to log in independently without needing to request an OTP from the admin each time.

Disable two-factor authentication

To turn off two-factor authentication, head back to the same page: organization > Account access. There, simply click the disable button located in the two-factor authentication setup section.

Once you click it, you'll have two options to disable it:

1. Enter 2FA Code: If you select this method and click continue, you'll need to input the one-time password (OTP) that was sent to your email.

After entering the OTP, click on verify, and two-factor authentication will be turned off for your account.

2. Enter backup code: If you opt for this method and click continue, you'll be prompted to enter the backup code you received during the setup process.

Input the code and click verify, and two-factor authentication will be disabled for your account.

Conclusion

Our Two-Factor Authentication (2FA) feature represents a proactive step towards safeguarding user accounts and maintaining high-security standards. It provides an additional security layer, significantly heightening the protection against unauthorized access attempts and fortifying your account against potential breaches. This feature not only strengthens protection but also offers peace of mind against security risks.