Two Factor Authentication for the Memberstack Dashboard (2FA)

Article author
Duncan Hamra

If you're looking to add an extra layer of security to your Memberstack site, read on. In this article, you'll learn how to add Two Factor Auth (2FA).

And for added security, I'll show you how to require Memberstack users to enable 2FA on their devices.

 

Before You Start

To use 2FA, you'll need an authenticator app on your smartphone or tablet. Good options (available for Android and iOS devices) include:

Enabling 2FA

  1. Go to your Memberstack dashboard and click the Profile icon (it's in the bottom left corner of the screen).
  2. Select Account.
  3. On the Edit Profile popup, click the Set up button.

a-1.png

With the popup window open, complete these steps.

  1. Scan the QR code with the authenticator app on your device.
  2. Locate the six-digit security code on the app.
  3. Go back to the popup window and enter the code into the field.
  4. Click Verify Code.

a-3.png

Back up

The next window gives you a chance to back up your 2FA access, just in case there is a problem with the app or (more likely) you loose or break your device.

Copy the back up access codes and save them in a safe place. You can each access code just one time. Check the box to confirm you have read and accept the terms.

Click the Enable 2FA button.

a-5.png

That's it. 2FA is enabled.

From now on, each time you log in to your Memberstack account, you'll enter a new 2FA security code.

a-6.png

Disabling 2FA

  • Account owners – If you are the owner, you'll see a toggle switch to enable or disable on the Team page
  • Other team members – only owners can turn on or off 2FA for an entire project. If you are not the owner you can disable 2FA on your account (and lose access to the site) by navigating to your profile and click Turn off.

a-10.png

 

Adding 2FA to Apps

You can also force users to enable 2FA on their devices.

  1. Go to your Memberstack dashboard and click Settings on the side menu.
  2. Click the Team Members tab.
  3. Switch on the 2FA toggle.
  4. To disable 2FA, switch off the toggle.

a-7.png

The user experience

Once enabled, the user needs to complete all the steps described above before they can log in:

  1. download an authenticator app
  2. scan the QR code
  3. enter a security code
  4. copy back up codes

That's all.

Now you know how to enable and disable 2FA protection for your account and your users' accounts.

 

Was this article helpful?

Comments

3 comments

Please sign in to leave a comment.