Setting up two-factor authentication (2FA)

Turn on two-factor authentication (2FA) to add an extra layer of security to your ChartMogul account. ChartMogul account admins can require 2FA for all users.

We strongly recommend enabling 2FA. It is the standard security practice across the internet to protect yourself against unauthorized access.

Here’s what we cover in this article:

Resources and further reading:

Before you begin

Please review the following details before completing the steps outlined in this article.

  • You’ll need to be an Admin or Owner to require two-factor authentication for all account users. 
  • ChartMogul does not allow Lite, Read-only, and Staff users to disable 2FA when it’s required by their account admin.
  • ChartMogul does not offer SMS as a 2FA option because it’s much less secure than using an authenticator app.
  • Download an authenticator app on your smartphone. We recommend Google Authenticator for Android or iOS.
  • When 2FA is turned on, users logging in with an email address and password and those signing in with Google must use 2FA.

How it works

When two-factor authentication is turned on, ChartMogul requires you to log in using a code from your authenticator app in addition to providing your email and password (or signing in with Google). In the event your password is compromised, the additional authentication factor keeps potential attackers from accessing your account.

When 2FA is enabled, ChartMogul requires an authenticator code when users:

  • Log in from a new device
  • Log out and then log in
  • Have been logged in for three weeks

Setting up 2FA

When ChartMogul prompts you to set up 2FA, this is because it’s required by your account admin. Follow the steps below, starting at step 3. You must complete 2FA setup to access your account.

To set up two-factor authentication:

  1. Navigate to Profile > View Profile.
    Screenshot of the Profile menu showing the View Profile option under the user's name.
  2. Under Sign in & Security > Two-factor authentication, click Turn on.
    Screenshot of the Sing in & Security section of the User profile. The Two-factor authentication option is set to Off. A link next to the option says Turn On.
  3. Scan the QR code with your authenticator app and enter the authenticator code.
    Screenshot of the Two-factor authentication screen with a QR code and a field to enter an authenticator code. Below the field there are two buttons: Verify and Cancel.
  4. Click Verify to set up 2FA. If 2FA isn’t required by your account admin, click Cancel to exit the screen without enabling 2FA.

Requiring 2FA for all users

You’ll need to be an Admin or Owner to require all users set up 2FA.

To require two-factor authentication for all users on your account:

  1. Navigate to Admin > Security.
  2. Set Require users to set up two-factor authentication (2FA) to On.
    Screenshot of the Security tab of the Admin page. The Require users to set up two-factor authentication (2FA) option is set to On.
  3. Click OK to confirm.

ChartMogul will require 2FA on your account and force all users to complete 2FA setup.

How requiring 2FA impacts users

Here’s how changing the Require users to set up two-factor authentication (2FA) setting impacts users:

Scenario Impact
An admin turns 2FA On while users are logged out. ChartMogul prompts users to set up 2FA the next time they log in. 
An admin turns 2FA On while users are logged in. ChartMogul immediately prompts users to set up 2FA.
New users are invited to a ChartMogul account which has 2FA turned On. After a user confirms their email address, ChartMogul immediately prompts them to set up 2FA.
An admin turns 2FA Off. 2FA is not required, however, users can turn it on for themselves.

Resetting 2FA for a user

You’ll need to be an Admin or Owner to reset 2FA for a user. It’s best practice to grant Admin privileges to more than one ChartMogul user. If you’re the only Admin or Owner on your team and you lose the device you use for 2FA, contact support. We’ll reset 2FA for you after verifying your identity over a video call.

If a user loses the device they use for 2FA, they won’t be able to access their ChartMogul account. To reset 2FA for such a user:

  1. Navigate to Admin > Users.
  2. Locate the user in the table and click Reset in the 2FA column.
    Screenshot of the Users table with the 2FA reset option highlighted.
  3. Click OK to confirm.

The user will receive an email informing them that 2FA has been reset for their account. The next time they log in, they will be able to set up 2FA using their new device. If 2FA is required for all users, the user won’t be able to access their account until they set up 2FA.

Was this article helpful?

We’re sorry to hear that. Would you like to share more feedback?

Thanks for your feedback!