Enable 2-Factor Authentication
Adding extra security to your WhatPulse account can be achieved using our 2-Factor Authentication (2FA) implementation. We use a Time-based One-Time Password (or TOTP) method, which means you can receive a code on either your phone via text message, or via an authenticator app to prove that it's actually you that's trying to log in.
Examples of applications that can help you with this are:
Enabling 2FA
Authenticator App
Go to the Security section of your dashboard and do the following:
- Click the checkbox "Authenticator app"
- Scan the QR Code with your application:
- Example for 1Password
- Example for Google Authenticator
- Enter the generated code
- Click the "Save" button
Text Messages
Go to the Security section of your dashboard and do the following:
- Click the checkbox "Text messages"
- Select your country
- Enter your phone number
- Click the "Send verification code" button
- In the popup, enter the six-digit code that arrived on your phone
- Click the "Verify code" button
You have now enabled two-factor authentication via your phone.
Log in
Once you've enabled 2FA in your dashboard, go ahead and log out and log back in to give it a try. First, log in normally using your email address and password. Then you'll be prompted for a One-Time Password code. Copy and paste the generated code by your manager (i.e. Google Authenticator or 1Password), or that's sent to your phone and click the VERIFY button to finish your login.
If you have both the authenticator app and text messages configured for two-factor authentication, you can use the button Text a code to my phone to use a text message code instead of the authenticator app. This is for when you don't have the app handy.
Recovery
If you lose the ability to enter codes (new phone, something happens), you can reset your 2FA by doing a password recovery. You'll be required to confirm via an email before that happens.