Set up 2 factor authentication (2FA)

Add an extra layer of security to your Cliniko account.

Jim Sadusky avatar
Written by Jim Sadusky
Updated over a week ago

Already set-up 2FA but currently having issues logging in? Check out our troubleshooting guide to get you back-up and running!

Two-Factor Authentication (2FA) is an additional security measure used to protect your Cliniko account. It requires you to provide two forms of authentication when logging in: your regular password and a temporary code generated by an authenticator app.

This extra layer of protection is crucial because it significantly reduces the risk of unauthorized access to your account. Best part is? It's easy to set-up 🙌! Need a quick video guide? We also got you covered:

In this guide we’ll walk you through setting up 2FA for your account, generating back-up codes, and what the 2FA login process will look like once enabled.

Enable 2 factor authentication

An administrator may require all users to enable 2-factor authentication. If this setting was enabled, the next time you login you’ll see an alert and must enable 2FA before you continue:

Follow the steps listed, otherwise, if you’re looking to enable 2FA for yourself, within Cliniko, you'll want to head to My info (located underneath your name in the menu):

Under the 2 factor authentication settings, hit the "Enable 2 factor authentication" button:

You’ll now need to follow these 4 steps.

Step 1: Make sure your mobile numbers are still current

Double-check that your mobile phone number is accurately entered and reflects the most current information in your profile. Without a correct and up-to-date mobile phone number, 2FA cannot function effectively and we cannot verify your identity if you need to reset 2FA.

Step 2: Download an app for your smartphone

Next, you'll need to download an authenticator app. We recommend the free app Twilio Authy, as it's quite easy to install and set up. (You can use any 2FA app you want, but we really like Authy!)

Support for Authy's desktop app ends 19 March 2024. We recommend downloading/switching to Authy's free mobile app. If you see a paid app for Authy, please double check that you're downloading "Twilio Authy" from Authy Inc.

Step 3: Add Cliniko to your authenticator app

From this point, there will be a few steps to follow within your 2FA authenticator app (keep in mind these instructions might change depending on your 2FA app):

  1. On your mobile phone, open up Authy.

  2. Press the Add account button.

  3. Press the Scan QR code button and point your mobile camera at your screen.

If you cannot scan the QR code for any reason, you can instead enter the key manually. This is great if you have downloaded a 2FA app on your desktop or have a device without a camera. Copy the code from Cliniko and enter the code into Authy in order to proceed to step 4.

Step 4: Enter your verification code

Once you've added your account to your authenticator app, you'll now enter the verification code generated within Authy into your Cliniko account on the 2 factor authentication page:

Just note that the verification codes expire every 30 seconds. However, once you enter the verification code, make sure to click Enable 2 factor authentication at the bottom of the page. Now, you're all set! 🙌

Login process with 2FA enabled

Once you have 2FA enabled for your Cliniko account, here’s what your login process might look like:

  1. Enter your email address and password.

  2. When prompted, grab the 6-digit verification code found in your authentication app.

  3. Enter that code into Cliniko, and you’re in!

That’s it 🙌!!

Once you set up two-factor authentication (2FA) for your Cliniko account, you'll be requested to enter a unique code each time you login from a browser or device we don't recognize. However, using the "keep me logged in on this device" option, it'll change how 2FA works and we won’t ask for 2FA codes again for 30 days.

Generating 2FA backup codes

Within Cliniko, you can generate a set of single use back-up codes that you can print off or save somewhere just in case you can't access your phone—giving you access until you can retrieve your phone or get a new one.

This is important! Make sure to generate and print or save the back-up codes to ensure you can always access your account.

Your account information page will let you generate backup codes. To grab these, head back to the 2FA area on your account information page, and click Generate backup codes:

Once generated, you can print those codes off and store them somewhere safe. If you already use a password program like 1 Password, you can use it to store your codes as well!

It is very, very important that you store these codes somewhere! Whether you print them, take a screenshot, write them out by hand…just be sure to save them somewhere!

As always, let us know if you have any trouble with the setup of 2FA—we think it's a great option to keep your account secure, and recommend that everyone does this!

Did this answer your question?