We're very pleased to have released 2 factor authentication for Cliniko. This is huge for improving the security of your accounts.
A lot of our security updates focus on our technology, but this one is about you, and keeping your account as secure as possible.
So what is two factor authentication (2FA)?
Typically, when you log in to something, you provide an email address and password. This is one "factor" of authenticating who you are. 2FA refers to using a second factor to confirm your identity. Most commonly, the two factors in 2FA are something you know and something you have. The password is something you know, and most often your phone is something you have.
Should you enable 2FA?
Yes, you should! Cliniko's servers and infrastructure are very secure, but if someone gets hold of your password, they can easily log in to your account. With 2FA enabled, someone needs both your password AND your smartphone to get access to your account. Put simply, enabling 2FA is the single best thing you can do to improve the security of your Cliniko account.
How does it work?
The short version is:
- You activate it within My Info in Cliniko.
- You download an app to your phone that generates time-based unique keys (e.g. 485 739).
- You create and print out some backup codes in case you lose your phone.
- Each time you sign in, you'll also need to enter the verification code from the app.
For much more detail on how to set it up, see the "How to set up 2 factor authentication" guide.
Note: If you use "remember me", you won't need to enter a code often, only each time you actually log in. The inconvenience is minimal, and the extra security is well worth it.
We're really glad to have this released for Cliniko; it is a huge improvement to the security of your account. Go turn it on right away!