What is 2 factor authentication? (2FA)
Typically when you log into something, you provide an email address and password. This is one "factor" of authenticating who you are. 2FA refers to using a second factor to confirm your identity. Most commonly, the two factors in 2FA are something you know, and something you have. The password is something you know and most often your phone is something you have.
Why should I use 2FA?
Additional security! Cliniko's servers and infrastructure is very secure, but if someone gets ahold of your password, they can easily log in to your account. By utilising 2FA, someone needs both your password AND your smartphone to get access to your account. Put simply, enabling 2FA is the single best thing you can do to improve the security of your Cliniko account.
Will I be Locked out of my account if I lose my phone?
That's where back-up codes come in! Within Cliniko, you can generate a set of single use back-up codes that you can print off or save somewhere just in case you can't access your phone—giving you access until you can retrieve your phone or get a new one.
☝️ Note: This is important! Make sure to generate and print or save the back-up codes to ensure you can always access your account .
Okay, sounds good! Now how do I set it up?
The very first thing you'll need to do is download an authenticator to your mobile. We recommend Twilio Authy, as it's quite easy to install and set up. (You can use any 2FA app you want, but we really like Authy!)
You'll also want to make sure you have a mobile phone number set up in your Cliniko profile. 2FA won't work unless you have a mobile phone number! 📱
Once you have that done, follow along with these steps in Cliniko.
Click on My info, under your name:
Under the 2 factor authentication settings, click the "Enable 2 factor authentication" button:
There will be a few steps to follow from the 2FA app, from this point:
On your mobile phone, open up Authy.
Press the Add account button.
Press the Scan QR code button.
Point the camera/barcode scanner at your screen, and then type "Cliniko" into the verification code field. Below is an example of what the page will look like:
Click Enable 2 factor authentication.
You're all set! 🙌 Now, the next time you log into Cliniko, you'll be prompted to enter a code. You will need to open up the Google Authenticator to get this code. Keep in mind that codes expire every 30 seconds, so if you're having some trouble logging in, wait for the code to "refresh", and then try again!
What about those backup codes?
Your account information page will let you generate backup codes. To grab these, head back to the 2FA area on your account information page, and click Generate backup codes:
You can print these off and store them somewhere safe. If you already use a password program like 1 Password, you can use it to store your codes as well!
☝️ Note: It is very, very important that you store these codes somewhere! Whether you print them, take a screenshot, write them out by hand…just be sure to save them somewhere!
As always, let us know if you have any trouble with the setup of 2FA—we think it's a great option to keep your account secure, and recommend that everyone does this!