Two-factor authentication provides an extra layer of security to your Iterable login. With 2FA enabled, users will not only need to enter a password when logging in, but they will also need to enter a code that is generated on a device in their possession (eg. a smartphone).
Two-factor authentication in Iterable is enabled on the user-level. The instructions that follow are intended to be completed by each user who requires this form of authentication.
There are two sections in this article:
Before you get started with two-factor authentication, we recommend that you download an authenticator app to your phone (unless you have a separate, 2FA-dedicated device). In the below instructions, we use Google Authenticator, but any similar app should work.
To get started with enabling 2FA for your login, click on your name in the top right of the Iterable app, then click Preferences.
Within your Preferences screen, you'll find the button "Set Up Two Factor Authentication..." along the right side. Click it.
This will generate a QR code, which you can scan using your authenticator app. This provides the app with the information it will need to generate two factor codes for your account in the future. If you do not have the ability to scan the QR code, we also provide a code that can be provided to the app to more manually establish the connection.
You should find that your authenticator app immediately recognizes your email address and Iterable as the associated platform (Google Authenticator example below).
Take the code that's displayed in your app and enter it into the bottom of the Two Factor Authentication section of your Iterable preferences. Then click Enable.
If you have entered the code correctly, the page should reload with a success banner like below on top.
Important: Before navigating away from this page, take note of the five backup codes now displayed in the Two Factor Authentication section of your preferences. Record these codes in a safe place, as they will serve as a second form of authentication in the event that you misplace your device. We only display these codes once.
Reviewing 2FA-Enabled Users as an Admin
To see who in a project has two-factor authentication enabled, navigate to Settings > Accounts (requires Admin privileges). Here you will find a "Two Factor Auth" column. If there is a check mark in that column for a given user, that user has this functionality enabled.
Note: If a user has 2FA enabled, it is enabled across projects.
Disabling 2FA for Users
There are two options for disabling 2FA for users.
- As a Super Admin, you can disable two-factor authentication for users from the Settings > Accounts screen as well. To do so, click on the check mark in the associated row and column, then confirm the action in the pop-up below.
- As a user, you can disable your own two-factor authentication from your preference screen.