Eddy offers two options for Two-Step Authentication: Text Messaging (SMS) authentication, or Mobile App authentication. One or the other is sufficient.
Enabling Two-Step Authentication as an Admin
To require Multi-Factor Authentication for those on your team, first go to the Admin page followed by the People tab and the Security sub-tab. From there, as the admin you will be able to determine which roles will be required to log in using MFA.
Enabling Two-Step Authentication for your own account
Any user can also choose to enable MFA at any time for their personal account to ensure extra privacy. To do so, navigate to the Account Settings page and the Two-step authentication sub tab.
The user can use either an authenticator app or an SMS message to authenticate.
Note: It is recommended to use an authenticator app over SMS because the code is available immediately and does not rely on cell phone providers for delivery.
Using Google Authentication
The user will be asked to scan the barcode on their screen with their mobile device’s camera.
If you don't already have an authenticator app, you can click “Google Authenticator” to download Google's free authenticator app.
On the next page we ask you to confirm the code that is shown on your device to finish the setup. In order to set up Two-Step Authentication, we require you to re-enter your account password.
Using Text messaging (SMS)
To set up SMS, click "Set up SMS" under the Two-Step Authentication section. You will be asked to enter your phone number.
Eddy will send you a 6-digit verification code.
You must enter this unique verification code to confirm the correct phone number.
In order to setup Two-Step Authentication we require you to re-enter your account password.
When the correct 6-digit code is entered, we show a success message that includes a backup code.
Now the setup process is complete. Going forward, Eddy will request a code when you sign in.
When MFA is enabled, we show this success message, and also give a backup code that can be used to unlock MFA if you lose access to your phone.
Disable Two-Step Authentication
Two-Step Authentication can be disabled, unless it is required by the organization. This is done on the account settings page. This can only be done if MFA was set up by the individual and not the admin of the company.
User Login
When Two-Step Authentication is enabled, we’ll require it after log in.
Mobile
When MFA is enabled, you must enter a token on their mobile device.
Sign in another way
If a mobile phone is not an option, We show additional ways to authenticate. Click the link to “Sign in another way”.
Two-Step Authentication Enablement Report
This report shows a list of the last login for each user, and shows if Two-Step Authentication is enabled for that user. If MFA is enabled for a user, the owner role use has a button to reset the MFA, which will remove the requirement for an MFA token on login for that user. If the owner role needs to reset their own MFA, please contact our Support Team at 877-750-3339 for next steps on verifying your personal information.