Two-Factor Authentication (or two-step verification) is an important security method that adds an extra layer of protection. Adding this additional security layer makes it much harder for hackers to break into your account or access your bots.
So in addition to Recaptcha and the security measurements that Monty follows, you can also:
-
Secure your account by enabling 2FA
-
Secure your bot by forcing 2FA on all of your team who has access to your bots.
How-to Guides
How to enable 2FA for your account
-
Go to Account Settings, and Navigate to Privacy Section
-
Turn on: Activate Two-Factor Authentication and follow the steps in the pop-up
-
On your authentication app:
-
Click add button
-
Select Scan a QR code
-
Scan the code that appeared in the popup
-
-
Now you have setted up Monty authentication on you google authenticator app
-
A code will appear on your app every 1 minute, use it to verify your device
-
After you are done, confirm enabling 2FA
-
You will receive 10 backup codes, copy these codes and save them in your device as you might need to use them later.
How to force 2FA for your bot
-
From you account settings, enable 2FA for your account first as mentioned in the steps previous steps
-
After having your account secured by 2FA, Go to your bot’s settings
-
Under Team and Agents section in settings, Turn on “Force Two-Factor Authentication”
-
Now all of your team members will be forced to enable Two-Factor Authentication for their account in order to access this bot.
When is it important to use Two-Factor Authentication?
It’s important to enable 2FA for your account when:
-
You want to make sure no one can open your account without your permission and confirmation.
-
The data of your bots is very confidential so you want to make sure no hacker can access.
-
You want to keep your bot’s end-users data access secured among all of your team members.
-
You are worried that any of your team members will take the necessary precautions in data and account security.
What after I enabled 2FA?
When you enable 2FA for your account
-
You will have to verify login through Google Authenticator app every time you login using email and password.
-
You can always remember your browser for 30 days so you don’t have to do this everyday.
When you force 2FA for your bot
-
Users who didn’t enable 2FA for their account won’t be able to access this bot
-
Once a user enable 2FA, he will regularly edit and monitor the bot according to his role
What if I lost access to my phone?
No Problem! You can always use one of the 2 alternate methods to verify login
-
Choose send to Email, in order to receive the One Time Password on your email address then you get to use the code to login regularly
-
Use one of the backup codes that you have saved on your device earlier.
-
If you have faced any issues don’t hesitate to contact us directly!