About this feature: For those administrators looking to add an additional layer of security to access the admin portal, there is a free optional setting to add two factor authentication (2FA). With 2FA in place administrators will be prompted to enter a 6-digit code from their authenticator app after logging in with their username and password.
Enabling Two Factor Authentication
Note: The instructions given here will follow the process for those using the Google Authenticator App. Other authenticator apps are compatible and the set-up process will be similar however some details may differ if an alternative authenticator app is used.
- Go to the My Profile Menu, then click “Manage Two Factor Authentication”.
- Step 1: Install an authenticator app
- Step 2: Use the app to add your account
- Open your authenticator app. You may need to click [Get Started]
- In your authenticator app, press the [ + ] or “Add Account” button to begin the process of setting up the 2FA connection.
- In the app, click the [Scan a barcode] button (it has a camera icon next to it)
- Scan the QR Code in your authenticator app to add your Better Impact account to the app. If, for some reason, you can’t scan the barcode, enter the Setup Key displayed on the screen into your authenticator app. Exact instructions for those who need to use the Setup Key will be displayed directly on your Better Impact screen.
- Click the “I have scanned the QR Code, or used the setup key, and can now see my username and a 6 digit code in the app” button
- Step 3: Finalize the connection and secure your account
- Enter the 6 digit code from the app in the box
- Click the “Secure My Account” button
- Account Secured!
- Copy the backup/ recovery code. This is the only time you will see this code. It can be used to access your account (along with your password) if you have lost the device that has the authenticator app. Please keep this code somewhere secure. You can use the [Print] button in the header of this section to print off your code to store it somewhere secure.
- Click the “I have read the warning and have my backup/recovery code stored somewhere safe!” button
Warning!
If you forget, lose, or replace the device which you have just setup 2FA on: you will need to use your backup code in order to access your account and then you will need to re-do your 2FA setup.
It is imperative that you have it stored somewhere safe. You can print it using the print button in the heading or copy and paste it into a secure credential manager.
To ensure the security of your account, if, for any reason, you are unable to access your 2FA device, and have lost your backup code, the process of verifying your identity, confirming the account, and removing 2FA from it is thorough and lengthy. Due to the time consuming nature of this process, it is a billable service.
Logging in Using Two Factor Authentication
- Go to admin.betterimpact.com and enter your username and password.
- Open the authenticator app on your mobile device.
- When prompted, enter the code that is generated by the authenticator app and click the [Login] button.
- If you don’t have access to your authenticator app, you can select to “Use my Backup code”
- Enter you backup code and the select the “Login using backup code and remove two factor authentication” button
- To continue using two factor authentication after logging in with a backup code, you will need to go through the set-up process again
Disabling Two Factor Authentication
- Go to the My Profile Menu, then click “Manage Two Factor Authentication”.
- Enter your current password for your administrator account
- Check the box “I am sure I want to remove this security feature from my account”
- Click the [Remove Two Factor Authentication] button.
- On your mobile device: Remove your account from your two-authenticator app
Viewing Administrators with Two Factor Authentication Enabled
- Go to People, then click on “Manage Administrators” found in the sidebar under Administrators
- Administrators with “Enabled” listed under the 2FA column have Two Factor Authentication enabled