Two-Factor Authentication requires two components in order to login to your account 1) your Formstack password and 2) an authentication code sent to a mobile device via an app like Duo and Authy or by SMS.
Once two-factor authentication is enabled, upon login, Formstack will send an authentication code to the user’s mobile device. Depending on the selected delivery method this code will either be generated by an application on your mobile device or sent as a text message (SMS).
The only way someone will be able to log in to a Formstack product account is if they know both the user’s Formstack password and have access to the authentication code on the user’s mobile device.
We strongly encourage users to turn on Two-Factor Authentication on their accounts for the safety of their accounts.
Note: For security reasons, Formstack Support cannot restore access to accounts with two-factor authentication enabled if users lose their phones and don't have access to their recovery codes.
Enabling Two-Factor Authentication
All users on a Formstack account can enable two-factor authentication on their Profile pages by clicking the “Enable” button under Two-Factor Authentication at the bottom of the page.
Next, decide whether you'd like to use an app or SMS to authenticate your login.
Choosing "Setup App"
Click "Setup App" in your Formstack profile settings.
Use the "Find a two-factor application" link to find and download an app to your mobile phone or tablet.
- Google Authenticator (Android/iPhone/BlackBerry)
- Duo Mobile (Android/iPhone)
- Authy (iOS, Android, Blackberry, Mac, Windows, Linux)
- Amazon AWS MFA (Android)
- Authenticator (Windows Phone)
Next, open the app on your mobile device and scan the provided QR code when directed.
Note: If the QR code is not accepted by your app you can produce a shared key by clicking on the link next to the QR code and type the code manually into the app instead.
Finally, enter the authentication code generated by the app.
Choosing "Setup SMS"
Click "Setup SMS" in your Formstack profile settings.
Enter your phone number and click "Send SMS". You will receive a text message with a code shortly.
Next, enter the authorization code you received on your mobile device into the associated text box.
Click "Enable Two-factor"
Congratulations! You've successfully enabled two-factor authentication!
Setting up Backup Options
Now that you've enabled two-factor authentication it's important to have a backup plan just in case you forget to take your phone out of your pocket before jumping in the pool or decide to do your own "Will it Blend?" test at home.
If you set up two-factor authentication using an app click the "View Backup Verification Codes" button and copy them down in a safe place somewhere other than your phone.
For a universal back up option, click the "Setup a Backup SMS Number" and enter a different mobile phone number than the one you are currently using to receive authentication code texts.
Changing or Removing Two-Factor Authentication
Changing or removing Two-Factor Authentication is easy! Just return to your profile settings and click either "Change" to change the way you authenticate your login or "Remove" to remove two-factor authentication from your account altogether.