In this article, you'll learn:
- How multi-factor authentication works.
- How to enable multi-factor authentication for your super admin account.
- How to enable multi-factor authentication for your team accounts.
About Multi-Factor Authentication
Multi-factor Authentication (MFA) is an authentication method that requires a user to provide two or more forms of verification to gain access to a platform. This offers the account an extra layer of security against cyber risks such as hacking.
With CommentSold, retailers can enable multi-factor authentication for their Shop Admin and team accounts. When these individuals log into CommentSold, they will be prompted to enter an authentication code sent to the email address attached to their user record in CommentSold. Once the admin or team member enters this code, they can access CommentSold.
We strongly recommend retailers enable multi-factor authentication for their Shop Admin and all team members with All Permissions access.
How Multi-Factor Authentication Benefits Your Business
- Having a second form of identification can decrease the chance of criminals gaining access to your admin panel. This prevents these individuals from pulling sensitive information such as customer contact information and rerouteing goods and/or payments.
- Verify the identity of your team members, partners, and virtual assistants.
- Prevent the use of shared logins among team members.
How Multi-Factor Authentication Works
When your shop admin or team members attempt to log into their account, CommentSold will prompt them to enter a code sent to the email tied to their user record. Codes are only active for 30 minutes once sent.
Your shop admin or team members should look for an email with the subject Login Verification sent by CommentSold Support (firstname.lastname@example.org).
Once the user enters and submits the code, they should be able to log in. Users won't be asked for a verification code again unless they're signed out entirely and need to sign in again.
If the user receives an error or experiences an issue logging in, it could be that they entered their code incorrectly. Have them try entering it again. If the code has expired, they can select Resend Code on the verification screen.
If the login was unsuccessful, it's possible the code has expired or entered incorrectly. In this case, the system will give a warning.
Enable Multi-Factor Authentication for Your Admin Account
Before you enable multi-factor authentication for your shop admin account, we strongly recommend you first confirm the email address listed on your Account page. This is the email address where CommentSold will send the verification code. If you need to update your email address, enter a new address in the Email field and select Update Email.
- Select Setup in the side menu of your CommentSold dashboard.
- Select Account from the options listed at the top of the page.
- Scroll and locate the option Enable Multi-factor Authentication (MFA) via Email.
- Select Enable.
Enable Multi-Factor Authentication for Your Team Accounts
You can enable multi-factor authentication for individual team accounts. This allows you to enable added security for those team members who have access to sensitive information such as financial reporting, payments, and customer details.
- Select Team in the side menu of your CommentSold dashboard.
- Locate the team member for which you wish to enable MFA, and select the three-dot icon on the far right of the row.
- Select Enable Two-Factor Authentication with Email from the drop-down.
- Confirm this action by selecting Confirm on the pop-up.