The risk of someone stealing your password is growing all the time. While we all know we shouldn’t do it, the truth is that many people use their passwords across multiple sites. As more and more big sites are compromised and encrypted (as well as even unencrypted!), username and password combinations sometimes fall into the hands of bad guys.
To address these risks and keep the bad guys away, we’ve just launched a security-heightening feature to your Accelo account. You can now require 2-Factor Authentication via mobile every time you log into Accelo.
A username and password is also known as single authentication, and all someone needs to get into your account is to know these details. The key to boosting your security is to have a second factor of authentication, ideally something that can't be stored alongside your password and that bad guys can't access from the other side of the world... like something in your pocket.
Smartphones provide a great second factor of authentication. It uses a special code which changes a few times a minute (making it a constantly moving target for hackers) and only if the code you enter from your phone matches the one we're expecting to see during the login process we'll let you in.
We've chosen to use the Google Authenticator as the smartphone app in our implementation. Note that this does NOT mean having a Google account, and your data isn't sent to Google - it is just a magic time-based calculator :-) Google Authenticator supports the following devices:
While a QR code reader is also handy for setting up the authentication account on your phone, it's not essential.
1. Head to your User Settings page and scroll to the bottom. Under Two Factor Authentication, click "Get Started."
2. You'll see a QR code and some instructions. But, before scanning it, you'll need to:
3. Snap a photo of the QR Code on your screen. Google Authenticator should then kick into action giving you a code that automatically changes every 25 seconds. Enter your code to complete the setup.
4. Now, every time you log into Accelo, you’ll be asked to enter your username, password and the code provided by your phone.
If you'd like, we also provide security via Google Apps. By enabling single sign-on only authorization, users will no longer be asked for their username and password when logging into Accelo - instead, they'll login through Google Apps account. Read more about how to get started here.
