Enabling Two-Factor Authentication (2FA)

Turn on two-factor authentication for your user account to increase security to your and your customers' data.

Two-factor authentication (2FA) is used when logging in for increased security. After entering in your username and password, the system sends you a code that you have to enter before login is complete.

In this article:

 



Enabling 2FA

  1. To enable two-factor authentication for your account log in to admin, and then click your avatar at the top right, then My Profile.

  2. Click Enable for Two-Factor Authentication.

  3. A window will open with a QR code. At this point, you'll need an authenticator app on your phone. You can use any modern authenticator app such as Google Authenticator or Microsoft Authenticator. If you don't have one yet, choose one and install it before continuing.
  4. Open up your authenticator app on your phone. You should see an option to add an applicator or scan a QR code. See examples for Google Authenticator and Microsoft Authenticator below. 
    1. Google Authenticator
      1. Click the + at the bottom right, then click Scan a QR code and then continue to the next step below.

    2. Microsoft Authenticator
      1. Click the + at the top right of the screen, click a type (I've selected "Work"), click Scan QR Code and proceed to the next step.

  5. In your app the camera will open and you should scan the QR displayed inside Commerce7.
  6. The app will respond with a 6-digit code.
  7. Enter the code into Commerce7 and click Complete Setup.

  8. Setup is complete! Learn about what to expect when logging in using 2FA here

Note: You can only enable 2FA for your own user account. You cannot enable it for another person. 

 


Logging in with 2FA

For users logging in to Commerce with 2FA enabled, there are now "2" steps involved.

  1. Open up Commerce7 and first enter your username and password like normal.
  2. Before login is complete, you'll be asked to verify with a 6-digit code. Open up your authenticator app (the one you used in setup above).
  3. In the app, you'll see a code listed for "Commerce7".
  4. Enter this code into the Commerce7 login and click Continue.

  5. If the code is correct then you'll be logged in! If the code is incorrect, it'll tell you to try again.
    1. The code listed in the authenticator app does change frequently, so double-check that the code you entered is still the one being listed. 
  6. Next time you log in, you'll use the same process but the app will give you a new code every time.

Coming Soon - Currently, when using 2FA you'll need to enter a code every time you log in. Soon we'll be launching a feature that will allow to you check a box to "Remember the current device for 30 days". This means that once you enter a 2FA code, you won't be prompted again on that device for another 30 days. 



Disabling 2FA 

For your own account

If for whatever reason you want to disable 2FA, you can do so in your account settings. 

  1. In Admin, click on your avatar at the top right then My Profile
  2. Click Disable next to Two-Factor Authenticator.
  3. You'll need to check the authenticator app once last time for a 6-digit code to confirm.
  4. Enter the 2FA and click Disable 

For another account (as an Admin Owner)

If someone for your company has lost their phone or can't seem to log in with 2FA, a user with Admin Owner permissions will need to disable it for you.

  1. In Admin, go to Setting > Accounts
  2. Select the user that needs it disabled
  3. In the window that opens click Disable next to Two-Factor Authentication
  4. Another window will open asking you to confirm
  5. Click Disable 

 



FAQs

  1. What do I do if I have 2FA enabled, but I can't log in?
    If you can't log in or you lost the phone that you set two-factor authentication up with, you'll need to contact someone from your company with Admin Owner access in Commerce7. They'll be able to disable it for your account. For your security, Commerce7 cannot disable it for you as we would be unable to verify your identify. Steps are here.
  2. Do I have to enter in a code every time I log in?
    For now, yes, but very soon we plan to add the ability to "remember your device for 30 days". This means that for each of your devices, you'll only need to enter a code the first time you log in with 2FA and it'll only prompt you again in 30 days, etc.