Two-Factor Authentication (2FA) requires two components in order to login to your account:
- Your Formstack account password
- An authentication code sent to a mobile device via an app like Duo or Authy, or SMS
Once 2FA is enabled, upon login, Formstack will send an authentication code to the user’s mobile device. Depending on the selected delivery method, the code will either be generated by an application on your mobile device or sent as a text message (SMS).
You must have both the user’s Formstack password and the authentication code. We strongly encourage users to turn 2FA on for the safety of their accounts. If you’re an admin, see how to force this functionality for all users on in your org.
Enabling Two-Factor Authentication
All users on a Formstack account can enable 2FA on their Profile pages by navigating to their Admin page by selecting “Administration” in the product switcher.
Head to the “Your Profile” page and scroll down to the “Security” section. From there, select “Enable”
Next, decide whether you'd like to use an app or SMS to authenticate your login.
Choosing "Setup App"
Click "Setup App" in your Formstack profile settings.
Use the "Find a two-factor application" link to find and download an app to your mobile phone or tablet.
- Google Authenticator (Android/iPhone/BlackBerry)
- Duo Mobile (Android/iPhone)
- Authy (iOS, Android, Blackberry, Mac, Windows, Linux)
- Amazon AWS MFA (Android)
- Authenticator (Windows Phone)
Next, open the app on your mobile device and scan the provided QR code when directed.
Note: If the QR code is not accepted by your app you can produce a shared key by clicking on link next to the QR code and type the code manually into the app instead.
Finally, enter the authentication code generated by the app.
Choosing "Setup SMS"
Click "Setup SMS" in your Formstack profile settings.
Enter your phone number and click "Send SMS". You will receive a text message with a code shortly.
Next, enter the authorization code you received on your mobile device into the associated text box.
Click "Enable Two-factor Authentication"
Congratulations! You've successfully enabled two-factor authentication!
Setting up Backup Options
Now that you've enabled two-factor authentication it's important to have a backup plan just in case you forget to take your phone out of your pocket before jumping in the pool or decide to do your own "Will it Blend?" test at home.
If you set up two-factor authentication using an app click the "View Backup Verification Codes" button and copy them down in a safe place somewhere other than your phone.
For a universal back up option click the "Setup a Backup SMS Number" and enter a different mobile phone number than the one you are currently using to receive authentication code texts.
Changing or Removing Two-Factor Authentication
Changing or removing Two-Factor Authentication is easy! Just return to your profile settings and click either "Change" to change the way you authenticate your login or "Remove" to remove two-factor authentication from your account altogether.