#cliotraining Tip: Two-Factor Authentication
Posted by Gwynne Monahan on April 7, 2011
In light of the Epsilon data breach, we thought we’d devote this week’s #cliotraining Tip to security, and our Two-Factor Authentication option.
Our Two-Factor Authentication option lets you require that passwords be used along with a secure PIN delivered to a mobile device, or other secondary authentication mechanism. Its purpose is to prevent access if a password is compromised. So if someone steals or correctly guesses your password, without the PIN, access is denied.
There are two ways to setup Two-Factor Authentication:
- Every login
- New IP address
Every login is exactly as it sounds: each time you, or someone in your firm, logs into Clio, a PIN is required in addition to the password. New IP address, on the other hand, only prompts for a PIN if a different IP is detected. So, for example, if you logged in at work but then later logged in at home, you’d be prompted to enter a PIN because your home IP isn’t recognized, and thus considered a new IP address.
When Two-Factor Authentication is activated, you’ll get this message when you login:
There are also two ways to setup authentication delivery:
Email is just like it sounds. Enter an email address, preferably one to which only you have access, to receive the notice. Notifo is a free mobile app that pushes notifications, like login codes, to your phone. It’s free to download, and free to create an account.
For more information, check out our quick overview and for full setup instructions, see our Two-Factor Authentication page.