2-Factor Authentication for SharpSpring was released in November 2020, which improves account security by asking the user for a short-term code when logging into their company instance of SharpSpring. For just over 2 months, we’ve been using 2FA to make sure it works as intended before sharing this with our SharpSpring clients. The Authenticator App (required as part of 2FA) has received some bad reviews, so we wanted to test this thoroughly first.
Following our testing period, we would encourage all SharpSpring clients to enable 2FA for their company (this can be done by the Administrator of your company). Once enabled, the next time a user logs into SharpSpring, they’ll be prompted to set-up 2FA on a device with the Google Authenticator app installed.
When 2-Factor Authentication is set-up, each time users sign in, they will be required to enter their password in addition to a security code generated by an app on their phone or tablet. These codes are randomized and expire after a set amount of time.
Why should you use 2-Factor Authentication in SharpSpring?
In a study published by ENISA — the European Union Agency for Network and Information Security which advises member states and private sector organizations in implementing EU legislation and how to comply with the General Data Protection Regulation (GDPR). Their recommendation included:
Two-factor authentication should preferably be used for accessing systems that process personal data.
Failure to meet 2FA was deemed “high risk” in their impact evaluation of personal data processing.
How do I enable 2-Factor Authentication in SharpSpring?
We recommend the Administrator of your company instance enable 2FA company-wide (follow this guide). This mean all users will be prompted to set this up the next time they log into their SharpSpring instance. Alternatively, you can contact your support agent at Merci to turn this on for you. Setting up 2FA is done by each user, so clear direction to documentation is advised during this process. It’s pretty straight forward, as you can see in the following screenshot.
MailSync does not support oAuth 2.0 yet, so a different solution is needed to connect your inbox with SharpSpring MailSync. 2-Factor Authentication is SharpSpring only provides an additional layer of security when logging into the instance.
More information can be found at SharpSpring Help here.
Enquire about marketing automation
Our team of data specialists, strategists and designers are here to help your business thrive in the digital world.
Got a project?
Merci is a innovative full service digital marketing agency.
Come and meet our teams in Bourg-Saint-Maurice or Brighton.