We take security seriously. To prevent unauthorized use of your account, please enable two-factor authentication (2FA) for your Smartly.io user account.
Two-factor authentication means that logging in to your account requires both your password and a second authentication method. In the Smartly.io app, we support two-factor authentication apps as the second method.
Requiring a second authentication method provides additional security to your user account. If 2FA is not enabled, a malicious actor who gains hold of your account password will be able to use it to access your Smartly.io user account. When 2FA is enabled, a one-time code generated by the authenticator app on your phone is required in addition to your password. Without the code, your user account cannot be accessed.
Note that enabling 2FA does not remove the need for a strong, unique password and proper password management. See our Password policy for more information. If you suspect that someone has gained hold of your password, change your password immediately.
For more information on two-factor authentication, see How to: Enable Two-factor Authentication by the Electronic Frontier Foundation.
Enabling two-factor authentication in Smartly.io
- Install a two-factor authentication app such as Google Authenticator or Authy for your iPhone, Android or Blackberry
- Go to User Settings
- Scan the two-factor authentication QR code with your authenticator app
- Follow the on-screen instructions
After two-factor authentication is configured, you will need both your Smartly.io password and a code from the authenticator app to log in to your Smartly.io account.
Note that if you lose the phone where you've installed the 2FA app, you may lose access to your Smartly.io login. Some authenticator apps allow recovering the authentication codes on a different device. Study the documentation for the 2FA app you've selected to see if that is possible.
If you've lost or changed your phone, see How to reset two-factor authentication after changing phones? below for instructions on how to proceed.
Two-factor authentication not working
The Google Authenticator app uses the mobile device's system time to calculate the verification codes for a given moment. If you find that two-factor authentication is not working when logging in, enable automatic time and date sync on your device and try again.
You can test if your phone is reporting the time and date correctly by opening to the following web address on your phone: https://app.smartly.io/login/time/
Please let us know if you have some questions about two-factor authentication or our security measures in general.
How to reset two-factor authentication after changing phones
If you have changed your phone, in order to be able to sign in to your account the two-factor authentication needs to be reset. This has to be done on our end, so please contact either your Account Manager or the support chat directly if you need us to carry this out for you.
Enforcing two-factor authentication in your company
In order for company admins to verify if their users are authenticating through two-factor authentication, go to your Company Settings and check the column Two-Factor Authentication.
Avoid using shared accounts
We strongly recommend against using shared accounts as it's extremely difficult to track who does what when using a shared account.
Passwords that are stored in internal wikis or other shared storage can be another hazard. Make sure that your Smartly.io user account password is unique and only known to you.
When inviting users to Smartly.io, make sure you send a personal invitation in order for them to connect as themselves.