1. Help Center
  2. Account Management

Overview: Two-Factor Authentication (2FA)

IN THIS DOCUMENT

What is two-factor authentication?

Two-factor authentication (2FA) is a security process that requires users to provide two different authentication factors to verify themselves. It provides an extra level of security when logging into websites or apps then only one authentication factor provides (typically the single authentication factor used is a password). 

Two-factor authentication requires the user to provide a password along with a second factor of authentication that only you have access to.

        The Two-factor authentication functionality is available on all paid plans (Starter, Professional, Growth and Premium).

    Databox supports 2 alternative authentication factors:

    1. One-time code sent as a text message (SMS)
    2. One-time code generated with an Authenticator app

    Both methods are equally secure. The SMS method has the authentication tied to the phone number, not the device. The Authenticator method is linked to the app and device. 

    Pro Tip: Two-factor authentication is an extra layer of security available for the username/password sign-on method in Databox. There are also other sign-on authentication methods supported by Databox, like Google Sign-on and SAML SSO, which don’t require a 2FA code to be entered.

    Two-factor authentication can be enabled directly within those providers.

    It's recommended that all users who log in with a username and password set up two-factor authentication

    How to access two-factor authentication

    IN THIS SECTION

    How to access two-factor authentication from your Databox Analytics Account

    Open your Databox Analytics Account and navigate to Account > My Profile, this will open the Account Management page. Navigate to the two-factor authentication tab under the Password & Security section. 

    How to access two-factor authentication from your Databox Benchmark Groups Account

    Open your Databox Benchmark Groups Account and navigate to Account > Profile. Click on the Change name, email, password and access link to open the Account Management page.  Navigate to the two-factor authentication tab under the Password & Security section. 

    How to set up two-factor authentication

    HOW TO SET UP

    How to set up a one-time code generated with an Authenticator app

    If you don't already have one, download an authenticator app like  Google Authenticator or Duo on your mobile device. 

    On the Accounts Management page, navigate to the two-factor authentication tab under the Password & Security section. Click the green Enable button to start the setup process. Select Authentication app as the security method. 

    After selecting this option, you're prompted to set up your one-time password generator (like Google Authenticator) by scanning the QR code or entering the 16-character code provided. You'll see a one-time code on your device created by the Google Authenticator to verify the authentication method. 

    In the login window, you're prompted to enter the code in Databox. If the code is correct, 2FA will be enabled along with the associated authenticator. On every future login, you'll need to open the authenticator to access the unique one-time code before gaining access to your Databox Account. 

    How to set up a one-time code sent as a text message (SMS)

     

     

     

    On the Accounts Management page, navigate to the two-factor authentication tab under the Password & Security section. Click the green Enable button to start the setup process. Select Text Message (SMS) as the security method. 

     

    After selecting this option, you're is prompted to enter your country code (i.e., +1, +386, etc.) and phone number. We'll send a code to the phone number that's submitted to verify the authentication method. 

    In the login window, you're prompted to enter your 2FA code. If the code is correct, 2FA will be enabled along with the associated phone number. On every future login, you'll be sent an SMS and prompted to enter the code before gaining access to your Databox Account. 

    How to use two-factor authentication

    IN THIS DOCUMENT

    How to use a one-time code generated with an Authenticator app

    If you have 2FA enabled with "one-time code generated with an Authenticator app" setup, at each login after you enter the correct username and password you'll be prompted to enter the one-time code generated by the authenticator. To access this code, you must open the authenticator app. 

    How to use a one-time code sent as a text message (SMS)

    If you have 2FA enabled with "one-time code sent as a text message (SMS)" setup, at each login after you enter the correct username and password you'll be sent an SMS and prompted to enter the code before gaining access to your Databox Account. 

    How to enable two-factor authentication (2FA) for all users

    Admins can enforce the Two-factor authentication (2FA) for all users in their Account. Requiring two-factor authentication, will significantly reduce the risk of unauthorized access, even if your password is compromised.

    Two-factor authentication (2FA), is a security measure that adds an extra layer of protection to your accounts. Instead of relying solely on a password, 2FA requires users to provide a second piece of information, typically a temporary code sent to their mobile device or generated by an authentication app.

    This feature is only available to the Account Owner or Admin users on the Premium plan. Request a trial of this feature by following these steps.

    The Account Owner or Admins on Starter, Professional, and Growth plans can purchase the Advanced Security add-on to get this feature. Purchase the Advanced Security add-on from the Billing page here

    force 2fa GIF

     

    Pro Tip: For Agency Accounts, if this option is enabled, it will only affect users in the Agency Account. Client users will not be affected by this option if it is enabled in the Agency Account, and they can determine settings for their own 2FA policy.

    1. In your Account Management Applicationnavigate to Advanced Security > Two-factor authentication
    2. Click the Require two-factor authentication for all users toggle. This will open a pop-up window for confirmation.
    3. Click on the red Yes button in the pop-up window
    4. Click on the green Save Change button. 

    How to recover account access if you have two-factor authentication setup

    Learn how to recover account access if you have two-factor authentication set up here.

    How to remove two-factor authentication

    On the Accounts Management page, navigate to the two-factor authentication tab under the Password & Security section. Click Disable two-factor authentication at the bottom of the screen. Click Confirm in the confirmation window to disable two-factor authentication.