NOTICE: In the coming weeks we’re going to require all Syncro accounts to set up 2FA for all users. For more info see here
Two Factor Authentication (2FA) means you need an additional piece of information, such as a one-time-use code, in addition to your username and password to log in. It greatly enhances the security of your account. We have followed industry best practices and enabled 2FA just like all the big players on the internet.
What it Does
- Secures your account by requiring the code once per 30 days (per browser)
- Allows for recovery using offline recovery codes and/or SMS recovery code
What it Doesn't Do
- Save your passwords or other credentials
You can first opt in yourself by visiting the "Profile/Password" page. Then scroll down and enable it.
You will be in a wizard, and 2FA won't be turned on unless you successfully enter one code.
Now open Google Authenticator (or a similar compatible app) on your smartphone and scan the QR code to add the account.
Great! Now it's enabled. Next, download some one-time-use recovery codes and put them somewhere very safe. You cannot access your account without these if you lose access to the Authenticator profile you just added.
Now you should really also set up recovery SMS.
Now you are really done setting yourself up. If you want, you can force everyone in your company to do this. WARNING: Once you enable it, they are immediately forced into this setup wizard, so time it for when everyone is ready to set it up or you might lock people out.
You can see which users have enabled it here too.
As an organization, we’ve required multi-factor security on the tools we use internally and maintain many layers of security for our staff. One thing that seemed to not align while we were looking at our security posture was that we have Two Factor Authentication (2FA) as an option in our software for you to use, but we don’t require it. We believe everyone wants to use 2FA, and sometimes there’s just too much going on to feel like it’s a good time to “make time” to set it up.
In the coming weeks we’re going to require all Syncro accounts to set up 2FA for all users. Many companies do this when you need to access a system that warrants high security. For instance, online banking might require 2FA if you want to send a wire transfer. We feel having access to our powerful RMM warrants 2FA and it’s our job to help everyone increase security more broadly.
We believe we’ve thought through the various use cases this change could affect. However, if this is going to cause you a workflow or usability problem we definitely want to hear about it! Please email us at firstname.lastname@example.org and let us know what type of problem(s) you may incur from this change.
Our 2FA help page here covers how you can use Authy, Google Authenticator or any other compatible app to enable 2FA on your account.
We will continue to communicate about this requirement over the coming weeks, both within the app itself and via email. Please keep an eye out!
If someone gets locked out, an admin on your account can "unlock" a user account, but without recovery codes or recovery SMS a user account cannot be unlocked.