Articles on: Legal & Security

How to enable Two Factor Authentication?

You can add an extra layer of security to your Crisp account by setting up two-factor authentication. Here's how to enable 2FA in Crisp.

In this example we are using Google Authenticator, but many apps are able to generate 2FA codes


What is two-factor authentication



Multi-factor authentication (MFA; encompassing authentication, or 2FA, along with similar terms) is an electronic authentication method in which a user is granted access to a website or application only after successfully presenting two or more pieces of evidence (or factors) to an authentication mechanism.

Enabling two factor authentication with Crisp is optional but is strongly recommended. This way, if someone steals your password you will be protected by this extra layer of protection.

Crisp relies on the Google Authenticator protocol. This protocol is widely used and multiple apps are supported:

- Google Authenticator
- Microsoft Authenticator
- YubiKey
- LastPass
- 1Password

Additionally, Crisp can send 2FA requests to your phone number using SMS. However, this channel is heavily rate limited, and you can only do a certain number of SMS requests for security reasons.

Enabling Two Factor Authentication with Crisp



There are two ways enabling Two Factor Authentication with Crisp:

Your company enforces 2FA and Crisp shows a QRCode during the signup process
You already have an account. In this case, you can opt-in for 2FA from https://app.crisp.chat/settings/account/, by clicking Enable Two Factor Authentication. Note that you need to add your mobile phone number to your Crisp Settings first.

Example how to use Two Factor Using Google Authenticator



Download the Google Authenticator on your iPhone or Android phone.

Click Scan a QRCode

Scan the code




Login with Two Factor Authentication



Once Two Factor Authentication is enabled for your account, Crisp will require you to provide a 2FA code everytime you login. You will have to open the Authenticator App on your phone. It will provide a 6 digits code that is rotated every 30 seconds.

Example of a 2FA code generated by Google Authenticator.

Enforcing Two Factor Authentication for my site



By default, Crisp is not enforcing Two Factor Authentication. If you'd like to enforce Two Factor Authentication for your Crisp site, it is possible. Here is the procedure:

Make sure that all existing agents in your Crisp team opted-in for 2FA. You can send them this article via email or Slack for reference. They can also contact us on crisp.chat if they need help.

All your agents should have a green padlock icon next to their email

Enable Two Factor Authentication by going to :
https://app.crisp.chat/settings/websites/
Chatbox & Email Settings
Inbox Settings
Enable Force Operators to have their Two Factor Authentication Enabled

Updated on: 13/06/2022

Was this article helpful?

Share your feedback

Cancel

Thank you!