Online security is becoming ever more important as more of our work moves online. Scammers can use phishing emails and other methods to try and get users’ login credentials and gain access to sensitive data in your ProWorkflow account.
Two factor authentication (2FA) provides an extra level of security makes it much harder for someone else to impersonate you and gain access to your ProWorkflow account.
2FA is optional for most users, however it may be mandatory if
- Your account admin has enabled a setting to force 2FA for Staff, Clients or Contractor user types
- Your account uses a financial plugin like Xero
What is 2FA?
2FA simply adds another step in the login process. After entering your email and password, you generate a code using an app on your phone, tablet or computer, then enter the code into the login screen
What App to Use?
If you already use an authenticator app, provided it supports TOTP (Time-based One Time Password) it should also work for ProWorkflow.
Note: Please ensure time and date settings are being automatically set on your phone.
If you don’t have one on your mobile phone already, we recommend any of the following
Simply search for ‘authenticator’ in your mobile device’s app store. The apps are free, and there are a few options you can choose from.
These apps don’t connect to ProWorkflow and there is no transfer of data between them.
It is also possible to use a browser extension add-in like this Authenticator
How to Make 2FA Mandatory
If you want to make 2FA mandatory for users in your account, there are toggle controls in the Settings / General Setting section. Turning this on for staff will force all staff users to set up 2FA next time they log into ProWorkflow.
Control 2FA from your Profile
To enable or disable your 2FA settings, head to the security tab in your profile.
How to Set Up 2FA in ProWorkflow
Whether you opt in to 2FA via your settings tab in your profile, or if 2FA has been made mandatory for your account, the process is very simple.
- To setup 2FA, you will need to scan a QR code with your Authenticator app
- Then enter the 6 digit code created.
- That’s it. Simple.
The app generates a new code every 30 seconds, so the code is different each time you log in.
No one else can log into your account, as you’re the only one who knows your username and password and has access to your authentication device.
If you have lost, or don’t have access to your authentication device for any reason, we will send reset instructions to your verified email address. If 2FA is mandatory, you will need to set up 2FA again next time you log in.