Configuring Two-Step Verification

What is Two-Step Verification?

Security is EverTrue's utmost priority! Just like your online banking system or email provider, EverTrue offers two-step verification as an added layer of security. This feature requires a mobile device capable of receiving text messages to be in the hands of the user in order for them to access their EverTrue account. Once enabled, EverTrue sends the user a text message containing a pin code that must be entered to log in.

  • Note: Two-step verification is sometimes referred to as multi-factor authentication (MFA), two-factor authentication (2FA), or dual-factor authentication. 

While there is not currently a way to enforce/require this extra security measure, we highly encourage each user to set up two-step verification! If you are an EverTrue Owner/Admin, you can see which of your team members have or have not implemented this security feature by opening your User Menu dropdown located in the top-right corner of the EverTrue platform, selecting Settings, and navigating to your Manage Team tab. Scroll to the 2-Step Verification column to see a green (yes) or a red (no) icon indicating whether a user has it enabled. 

If two-step verification has not been enabled for your organization, please contact genius@evertrue.com to have this security feature activated. If your organization uses our SSO, take a look at our dedicated configuration article for this login option! 


Enabling Two-Step Verification

To enable two-step verification, start by logging in to EverTrue's platform via your web browser. Open your User Menu dropdown located in the top-right corner of the webpage, select Settings, navigate to your Security tab, and click Turn on 2-Step Verification

Upon clicking this button, a new window will open in which you will be prompted to enter your mobile phone number. Please enter your number and select Submit to send a 6-digit verification code to your mobile device. 

Once you receive your code, enter it on the screen and click Verify to finish enabling two-step verification!  

It is a good practice to always keep two-step verification enabled. If at anytime you need to disable the feature, simply click Turn off 2-Step Verification within your setting's Security tab.

  • Note:  Any admin of your organization's EverTrue account will be able to see whether or not you have enabled this security feature. However, they will not be able to enable/disable it for you.

Understanding "Trust this Device"

EverTrue's two-step verification feature is a little different than other services you may use. By selecting Trust this Device when enabling the feature (you will see this option in the screenshot above!), you are letting EverTrue renew your session automatically. Typically, sessions renew ever hour (this is due to our authentication with LinkedIn), so trusting the device allows us to bypass asking you for a code every hour. This trust will stick for 30 days, after which you will be required to enter a new code and re-trust the device. 

However, if you log out of EverTrue and/or your browser does not store cookies (e.g., you are in a private or incognito browsing window), then EverTrue will default to challenging your login with a two-step verification code. The benefit here is that if your LinkedIn account password is ever compromised, EverTrue is still secure. 


For any other questions reach out to EverTrue Support at genius@evertrue.com.

Was this article helpful?

Reply

null

Content aside

  • 2 yrs agoLast active
  • 661Views
  • 1 Following