What is two-factor authentication and how does it work?
Two-factor authentication (or "2fa") is a way to enhance the security of your CRM account by adding an extra step to the login process. Without 2fa, you only need a password to log in. That's the first factor.
With 2fa, in addition to a password, you need a second factor every time you log in. The second factor is a one-time code that can be sent to you via email, SMS, or an app on your phone. This way, even if someone steals your password, they still won't be able to log in as you without this temporary code. We encourage all of our users to enable 2fa in order to make their account more secure.
If you'd like to use 2fa, you can enable it from the profile and login info settings page.
Which method should you use to receive your login codes?
When enabling 2fa, you will be asked how you'd like to receive your login codes. Here's a bit of info on each option:
Authenticator app (Recommended)
With this option, you'll need to install an authenticator app on your phone. We recommend Google Authenticator. After you've installed the app and enabled 2fa in the LACRM settings, anytime you log in, you'll be prompted for a 6-digit code. At that point, you simply need to open the app on your phone, and a 6-digit code will be displayed, which you can then type into the LACRM login screen.
Why we recommend this option:
- This is the most secure option - Because the codes are stored on your phone rather than being sent to you each time you log in, there's no way for hackers to intercept the codes we're sending you.
- There are no delays - Sometimes email and SMS can be delayed for reasons outside our control. If you choose the SMS or email options, you'll need to wait to receive a code from us. If those codes are delayed, you won't be able to access your CRM. With an authenticator app, the codes are generated on your phone so you never need to wait.
The main downside to using an authenticator app is that if you get a new phone, you'll need to set it up again. This means it's very important to store your backup codes somewhere other than your phone so you don't get locked out of your CRM.
Only available in the US, Canada, and the UK
With this option, every time you log in to LACRM, we'll send a temporary code to your phone. You'll just need to enter this code in the LACRM login screen.
This option isn't as secure as using an authenticator app because it's relatively easy for someone to hijack your phone number and receive your SMS messages as you (hackers can literally walk into a mobile phone store and pretend to be you). This is still more secure than not using 2fa at all because hackers will need your password and access to your phone number.
With this option, every time you log in to LACRM, we'll send a temporary code to the email address you use to log in to the CRM. You'll just need to find this email in your inbox, copy the code, and paste it into the corresponding field on the login page.
This option is easy, and relatively secure. The main downside is that if someone hacks your email, not only will they be able to receive the 2fa codes, but they'll also be able to reset your password. So it's not as secure as the authenticator app option, but it's still more secure than not using 2fa at all.