Enable 2-Factor Authentication
Adding extra security to your WhatPulse account can be achieved using our 2-Factor Authentication (2FA) implementation. We use a Time-based One-Time Password (or TOTP) method, which means you can receive a code via an authenticator app to prove that it's actually you that's trying to log in.
Examples of applications that can help you with this are:
It's also possible to use Passkeys, which is a more modern and secure way to authenticate. This can be a great alternative to traditional 2FA methods, as it allows software Passkeys, or even physical security keys like YubiKey, to be used for authentication. You can find more information about Passkeys here.
Creating Passkeys
To enable Passkeys, go to the Security section of your dashboard and do the following:
- In the "Passkeys" section, enter a name for the Passkey you're about to create, and click the "Create" button.
- Follow the instructions to create a Passkey using your device's authentication method (e.g. Face ID, Touch ID, or a PIN).
- Once the Passkey is created, it will be listed in the "Passkeys" section of your dashboard.
Done! You can now use the Passkey to log in to your WhatPulse account. On the login page, click the "sign in with a passkey" link, and follow the instructions to authenticate using your Passkey.
Enabling 2FA Authenticator app
Go to the Security section of your dashboard and do the following:
- Click the checkbox "Authenticator app"
- Scan the QR Code with your application:
- Example for 1Password
- Example for Google Authenticator
- Enter the generated code
- Click the "Save" button
Log in
Once you've enabled 2FA in your dashboard, go ahead and log out and log back in to give it a try. First, log in normally using your email address and password. Then you'll be prompted for a One-Time Password code. Copy and paste the generated code by your manager (i.e. Google Authenticator or 1Password) and click the VERIFY button to finish your login.
Recovery
If you lose the ability to enter codes (new phone, something happens), you can reset your 2FA by doing a password recovery. You'll be required to confirm via an email before that happens.