Two factor authentication (2FA) allows you to add an extra layer of security to your account by requiring a verification method other than just your email and password. If your email or password were compromised, 2FA ensures your Action Network account remains secure. Below are some frequently asked questions related to 2FA.
What best practices does Action Network recommend?
Action Network recommends always having multiple admins in a group. We cannot add or remove admins from groups so this ensures your organization always has access to the group. We also recommend using an authentication app that can be installed on multiple devices (like phone and tablet/laptop).
What method is most secure?
A physical device is the most secure authentication method. These devices, called hardware keys, are physically plugged into your device and can be linked to your Action Network account. The next best authentication method is an authentication app such as Authy, Google Authenticator, or any other app. This is what most people will likely use and offers a high level of security. While SMS still provides an extra layer of security, it is possible for a mobile number to be spoofed and receive verification texts, which can compromise your account. If you can't use a hardware key or verification app, you should still use SMS to boost account security.
What app is considered most secure? Do you have an app you would recommend?
Why do I need more than one form of 2FA?
Having multiple forms of 2FA ensures you won't lose access to your Action Network account in the event that you lose access to one of them. If you change your number, you can still log in with your app. If you lose your phone, you can still use a desktop app to log in. Some apps, like Authy, can be used on desktop, laptop, and phones, and automatically sync between them, so you don't have to set up more than one form of 2FA but rather just set up the same app in multiple places.
How do I enable 2FA?
You can do so from your profile in the upper right menu after logging in. You can read more about how here.
Can I make 2FA required for all admins in my group?
Yes, you can enable this in the Settings tab of your Group Manage page.
What if I lose access to all 2FA methods?
Unfortunately, we cannot recover your account if you lose access to your authentication methods. Group admins will still be able to add you at a new email address.