Two-factor authentication (also known as 2FA, two-step authentication, multi-factor authentication, and MFA) is an additional security step you can add to your account. It means staff will need to open a third-party app, take the code that shows there, and enter it into RotaCloud when logging in to confirm their identity.
RotaCloud now allows you to enforce this additional login step for all your employees to help protect data in your account.
Important steps to take before enforcing two-factor authentication
When you enable enforced two-factor authentication, we would recommend letting all staff know that this will be happening and strongly encouraging them to set up 2FA before this is done. You can send them this article which will go over the steps on how to set this up. This will help make the process much smoother when 2FA is enforced as anyone who does not have this set up already will be logged out.
(A good way to send this information out to staff would be using the Memos tool).
Before you can to enable enforced two-factor authentication, you will need to ensure you are using 2FA yourself. If you don't have it enabled yet, you will see the screen below and you can follow the steps in this article to enable this for yourself.
Enabling enforced two-factor authentication
Once the above steps have been completed, you can click the cog icon in the top right of your account to access your Settings. Scroll down and, towards the bottom of your page, you will see a section titled 'Enforce Two-Factor Authentication' with an option to tick this on.
After you have ticked this, all staff who do not have 2FA enabled already will be logged out and will need to follow these steps to set it up before they can log in.
When using 2FA, it is also important to retrieve your recovery codes in case you are locked out of your account. You can learn more about recovery codes here.