SendSafely

Articles in this section

See more

Enforcing Two Step Authentication

SendSafely Portal Administrators can and should enforce two step authentication for all users in their portal from the Enterprise Console. This enforcement setting is enabled by default for new portals, and SendSafely has started a program to mandate the use of Two-Factor Authentication for all SendSafely customer user accounts.

When enabled, all users must turn on two step authentication as part of the new user registration and/or next login process. SendSafely's two step login feature supports both SMS verification and mobile authenticator apps like Google Authenticator, Duo Mobile, Authy and  Windows Phone Authenticator. Two step authentication is only enforced when users authenticate using a SendSafely username and password. Two step authentication is not enforced when logging in via Single Sign On or using your Google account.

To require users configure two step authentication, Administrators should take the following steps:

  1. Go to the Enterprise Console and scroll down to Site Configuration Options
  2. Check the box next to Require Two Step Authentication for Registered Users
  3. Press the Save Changes button

Enforce 2FA at Enterprise Level-1

In order to enable this setting, all existing users who log in with a username and password must already have two step login configured (users authenticating using Google Auth or SSO are excluded from this requirement). Administrators can view two step configuration status from the Active Users list as shown below:

User List-2

If you have existing users that have not already enabled two step login, you can enable this feature on their behalf from the Enterprise Console. If you click the user's row in the Active Users listing, you will see a switch that allows you to turn on two step login (see below). Note that you are required to provide the user's mobile phone number when enabling this feature on their behalf. 

Turn on 2FA-2

Once enabled at the organization level, all new users registering with a username and password will be required to set up two step authentication (SMS verification) on the Account Registration screen. 

2FA at User Registration-1

End-users can optionally continue on to set up an authenticator app as an alternative method of two step authentication from the Login Options tab on the Edit Profile screen. Further guidance on this process is available here.

Authenticator Setup

If you are a SendSafely administrator and would like assistance with enabling this option, please contact support@sendsafely.com

Related articles