This is part of an ongoing blog series that focuses on some of the fantastic features of Cliniko. Today we’re going to look at 2 Factor Authentication.
What is 2 Factor Authentication (2FA)?
Typically when you log into something, you provide an email address and password. This is one “factor” of authenticating who you are. 2FA refers to using a second factor to confirm your identity. Commonly, the two factors in 2FA are something you know, and something you have. The password is something you know and, most often, your phone is something you have. To think about it in its most basic form, your ATM card is the thing you have, and your PIN is the thing you know!
Why should you use 2FA?
2FA is the best way to prevent attacks on your patient information: it’s as simple as that! Security of your information should be of the utmost importance to you, and this is the single best thing you can do to ensure protection of your information. It is also becoming a standard across many different online platforms as it provides you with the security of knowing that a compromised password isn’t the only thing needed to get into the software you use.
The people who want to use your information maliciously rely on lax user security. This means that if you don’t actively take steps to ensure your information is secure, then you will be an easier target than the other people who use strong passwords and 2FA. While we have people in Cliniko constantly working on maintaining and improving the security on our end, the most vulnerable spot is your login address and password. By enabling 2FA, you can be comfortable knowing that even if your password is compromised, your phone would need to be physically taken out of your pocket for them to get any valuable use out of that password!
How do I use 2FA in Cliniko?
2 Factor Authentication is simple to set up, and it takes just a couple of minutes to better protect your patient data. To set up 2FA, you’ll need a smartphone with a free application such as Google Authenticator (available for iPhone via iTunes or for Android) or Authy. If you’re using an Android phone, you will have to install a QR scanner, but they will give you the instructions on that if you don’t yet have one installed on your phone!
Since 2FA is an individual setting, you’ll find the link to enable 2FA in your “My Info” page, found under your name in the black sidebar. We have a step-by-step guide to this set up process on our support site.
Importance of Backup Codes
Most programs that use 2FA will give you backup codes in case you lose your device: Cliniko is no exception! A backup code is essentially a secondary password that you can use in case your phone goes missing, or if you upgrade your phone without disabling 2FA first. Seriously, we cannot stress enough how important these codes are, and you should take precautions to keep them safe, whilst also making sure they are available to you should worst come to worst and you desperately need them!
We recommend that you physically print off your backup codes and keep them in a secure place. This piece of physical backup is important as it provides a non-digital option for you to gain access to your Cliniko account, should your devices get stolen. If you have no backup codes, no phone, and 2FA enabled, then you’re going to have a bad time!
However, these extra steps shouldn’t discourage you from using 2 Factor Authentication: you merely have to remember that the security of your patient data is more important than the hassle of printing out a sheet of paper and keeping it secure. With this perspective, the importance of backup codes, and 2 Factor Authentication in general, is clear.
Turn on 2FA in all of your important accounts! Now! From Facebook to Gmail to Cliniko, it’s integral to turn this feature on if it’s available to you. Not only could your clinic information be at risk without it, you could be risking your Candy Crush high score too!