Turn on two-factor authentication (2FA) to add an extra layer of security to your ChartMogul account. ChartMogul account admins can require 2FA for all users.
Here’s what we cover in this article:
- Before you begin
- How it works
- Setting up 2FA
- Requiring 2FA for all users
- How requiring 2FA impacts users
- Resetting 2FA for a user
Resources and further reading:
Before you begin
Please review the following details before completing the steps outlined in this article.
- You’ll need to be an Admin or Owner to require two-factor authentication for all account users.
- ChartMogul does not allow Lite, Read-only, and Staff users to disable 2FA when it’s required by their account admin.
- ChartMogul does not offer SMS as a 2FA option because it’s much less secure than using an authenticator app.
- Download an authenticator app on your smartphone. We recommend Google Authenticator for Android or iOS.
- When 2FA is turned on, users logging in with an email address and password and those signing in with Google must use 2FA.
How it works
When two-factor authentication is turned on, ChartMogul requires you to log in using a code from your authenticator app in addition to providing your email and password (or signing in with Google). In the event your password is compromised, the additional authentication factor keeps potential attackers from accessing your account.
When 2FA is enabled, ChartMogul requires an authenticator code when users:
- Log in from a new device
- Log out and then log in
- Have been logged in for three weeks
Setting up 2FA
To set up two-factor authentication:
- Navigate to Profile > View Profile.
- Under Sign in & Security > Two-factor authentication, click Turn on.
- Scan the QR code with your authenticator app and enter the authenticator code.
- Click Verify to set up 2FA. If 2FA isn’t required by your account admin, click Cancel to exit the screen without enabling 2FA.
Requiring 2FA for all users
To require two-factor authentication for all users on your account:
- Navigate to Settings & Data > Admin > Security.
- Set Require users to set up two-factor authentication (2FA) to On.
- Click OK to confirm.
ChartMogul will require 2FA on your account and force all users to complete 2FA setup.
How requiring 2FA impacts users
Here’s how changing the Require users to set up two-factor authentication (2FA) setting impacts users:
Scenario | Impact |
---|---|
An admin turns 2FA On while users are logged out. | ChartMogul prompts users to set up 2FA the next time they log in. |
An admin turns 2FA On while users are logged in. | ChartMogul immediately prompts users to set up 2FA. |
New users are invited to a ChartMogul account which has 2FA turned On. | After a user confirms their email address, ChartMogul immediately prompts them to set up 2FA. |
An admin turns 2FA Off. | 2FA is not required, however, users can turn it on for themselves. |
Resetting 2FA for a user
You’ll need to be an Admin or Owner to reset 2FA for a user. It’s best practice to grant Admin privileges to more than one ChartMogul user. If you’re the only Admin or Owner on your team and you lose the device you use for 2FA, contact support. We’ll reset 2FA for you after verifying your identity over a video call.
If a user loses the device they use for 2FA, they won’t be able to access their ChartMogul account. To reset 2FA for such a user:
- Navigate to Settings & Data > Admin > Users.
- Locate the user in the table and click Reset in the 2FA column.
- Click OK to confirm.
The user will receive an email informing them that 2FA has been reset for their account. The next time they log in, they will be able to set up 2FA using their new device. If 2FA is required for all users, the user won’t be able to access their account until they set up 2FA.