Two Factor Authentication

How to set up and manage two-factor authentication

Written by Rich Nicolson
Updated over a week ago

Why 2FA is Important

Two-Factor Authentication (2FA) adds an extra layer of security to your account. By requiring both your password and a second form of authentication, it significantly reduces the risk of unauthorised access. At Socket, we’re committed to protecting your data.

For 2FA in Socket, you can use Google Authenticator or any other compatible authenticator app. SMS-based 2FA will not be supported due to security vulnerabilities associated with SMS.

Setting up 2FA

2FA will be turned on for all customer accounts automatically at the start of September 2024, so you don't need to turn it on yourself. You'll simply be prompted with the setup screen the next time you log in. You do have the option to “Skip for now” until 1st October 2024, but after that it will become mandatory.

The setup process is super quick:

Click “Get Started” and then scan the QR code shown on screen with your preferred authenticator app.

Then enter the code from the authenticator app into the box labelled ‘Code’.

⚠️ Save your recovery codes somewhere safe! ⚠️

In case the device with your authenticator app is lost, it’s critical that you save the recovery codes provided to you during the initial 2FA setup. They are displayed on screen at this point in the setup.

These codes will allow you to regain access to your account if you no longer have access to your authenticator app.

2FA setup complete

Once you are set up, the 2FA section on your profile will display a green tick and show as enabled, meaning you are all done! 🙌

If you choose to skip enabling 2FA, you’ll still be prompted to set it up each time you log in. Whilst logged in, you can always head to your profile and enable it before 1st October 2024.

"Remember me" for 2FA

Once you have set up 2FA, the next time you log in and enter your username and password, you’ll have the option to check a “Remember me for 30 days” box. If you check this box, you won’t be asked for 2FA on trusted devices for 30 days, even if the login session expires.

However, if the login is not trusted (e.g., from a different device or location), you will be required to complete the 2FA process again within 24 hours.

Troubleshooting

Having trouble logging in with 2FA? This is where your recovery codes come in! If you don't have your authentication device handy, you can enter one of your recovery codes to access your account. Each code can only be used once, so when a code has been used, you’ll be given a new one to replace it.

