What is 2 Factor Authentication? (2FA)
Typically when you log into something, you provide an email address and password. This is one "factor" of authenticating who you are. 2FA refers to using a second factor to confirm your identity. Most commonly, the two factors in 2FA are something you know, and something you have. The password is something you know and most often your phone is something you have.
Why should I use 2FA?
Additional security! Cliniko's servers and infrastructure is very secure, but if someone gets ahold of your password, they can easily log in to your account. By utilising 2FA, someone needs both your password AND your smartphone to get access to your account. Put simply, enabling 2FA is the single best thing you can do to improve the security of your Cliniko account.
Will I be locked out of my account if I lose my phone?
That's where back-up codes come in! Within Cliniko you can generate a set of single use back-up codes that you can print off or save somewhere just in case you can't access your phone - giving you access until you can retrieve your phone or get a new one. This is important though, make sure to generate and print or save the back-up codes to ensure you can access your account always.
OK sounds good, now how do I set it up?
The very first thing you'll need to do is download an authenticator to your mobile. We recommend Google Authenticator as it's quite easy to install and set up.
Once you have that done, follow these steps in Cliniko:
- Click on My Info
- In the 2 Factor Authentication section, click the Enable 2 factor authentication button
- On your mobile, open up the Google Authenticator
- Press the menu button and select Set up account
- Select Scan a barcode
If you're using Android and haven't yet installed a barcode scanner, you'll be prompted to do so now. Just follow Google's instructions!
- Use the barcode scanner to capture the QR code on your screen
- Type the new code for "Cliniko" into the Verification Code field
- Click Enable 2 factor authentication
That's done! Now the next time you log on, you'll be prompted for a code
To get your code, open up the Google Authenticator on your phone
What about those backup codes?
From My Info you can also generate some backup codes.
You can print these off and store them somewhere safe. If you already use a password program like 1 Password, you can use it to store your codes as well!
As always, let us know if you have any trouble with the setup of 2FA - we think it's a great option to keep your account secure and recommend that everyone does this.