Enhance your account security via an industry-standard protection
Why enable 2-Factor Authentication (2FA)?
2FA significantly reduces the risk of unauthorized access to your admin account. Passwords alone can be compromised through phishing, brute-force attacks, or data leaks. With 2FA enabled, a second verification factor (such as a one-time code from an authenticator app) is required before access is granted. This added control protects sensitive customer data, prevents malicious configuration changes, and helps maintain compliance with modern security best practices.
Before you setup 2FA in InkSoft...
You will need to use an authenticator app to generate the proper authentication keys for your account. An authenticator app is a tool that generates secure, time-based codes used for login. Each code lasts only 30 seconds, so it’s incredibly hard for anyone else to guess or reuse.
We recommend using one of these authenticator apps:
- Google Authenticator (iOS/Android)
- 1Password
- Microsoft Authenticator
Please refer to their respective documentations if you have any questions regarding their individual functionality. Once you've picked your app, you're ready to setup a more secure InkSoft experience!
Note: Due to OrderDesk's method of authentication, enabling 2FA will prevent OrderDesk from being able properly integrate with InkSoft. All other InkSoft integrations will operate as normal.
Configuring 2FA
Enabling 2FA on your InkSoft account will only impact admin accounts that have the Fulfillment Store Admin (FSA) permission level. For more information on what exactly that is, you can check here - but in a nutshell, Fulfillment Store Admins are the highest account permission level, with the ability to create other admin accounts and total access to InkSoft Payments. Certainly something worth adding extra security for!
2FA settings can be found under Settings > Contact &Admin Accounts
Note that enabling 2FA will automatically log out all accounts with the FSA permission level. When logging back in, they will be required to set up 2FA. Once setup is complete, they will be required to enter an authentication code at log in.
If you currently have 2FA enabled, choosing to disable it here will remove previous 2FA configurations from all fulfillment store admin accounts. If you then decide to re-enable 2FA again, it will require a fresh setup upon login - previous codes will not be accepted.
Once enabled, you will see this when you next try to log in with an admin account:
Simply follow the steps outlined there within your authenticator app of choice. Then click "Generate Backup Codes". This will bring you to an important screen:
Be sure to read and understand the notes on this screen. Each of these backup codes are one-time use, and can be used in the event you are unable to use your 2FA to login - whether that be because you lost access to the device your authenticator was installed on, or some other issue preventing you from being able to generate or use your timed 2FA codes. How to use these codes will be detailed below.
Using 2FA
Now that 2FA is set up, logging in with your fulfillment store admin accounts will have one extra step:
You will simply need to enter the code generated by your app of choice into that field and click "Login". These codes reset after a short time interval (usually around 30 seconds), so make sure the code you enter is still valid when you enter it!
Resetting 2FA
If you need to reset the 2FA on a specific account, you can do so by navigating to the Contacts & Admin page and then looking under the "Admin Accounts" heading
Search for the FSA account that you would like to perform the 2FA reset for, and click the button that says as much
Once that process is initiated, that account will need to re-perform the setup steps with their chosen authenticator as detailed above. They will also receive an email notifying them that this reset has occurred.
What if I can't access my Authenticator App?
In the event you are unable to generate codes or use your 2FA authenticator for any reason, you can utilize one of the backup codes generated when your 2FA was initially set up (as detailed above). You will want to click on the "Try another option" message below the Authentication Code entry field:
A new entry field will appear, where you can enter one of the backup codes you saved from your initial setup:
It is important to keep your backup codes accessible. If you lose access to your authenticator and your backup codes, InkSoft support can assist during regular business hours. If you do use one of the codes to login, you will be unable to use that same code again. We strongly recommend resetting 2FA (as detailed above) on an account that has used more than one of its backup codes, so that you can generate new ones.
Comments
0 comments
Article is closed for comments.