Two-factor authentication, or 2FA, is a security process that requires the user to provide two different forms of identification before granting them access. When your board contains sensitive content, such as pricing data or product information, you can protect it by providing access to authorized contacts only with 2FA, as follows:
- Define the list of leads who are authorized to access the board and send them an invitation to view the protected board.
- When an authorized lead attempts to access the board, they are asked to verify their email address/domain.
- The authorized leads receive an email from firstname.lastname@example.org with a verification code to log into the board. The code is valid for 5 mins and the lead can perform up to 3 attempts to access the board. By default, the access remains valid for 30 days.
You can control access to your Folloze boards on different levels:
- Any domain: Authorizes all domains.
- One or more selected domains: Authorizes anyone that arrives from a specific domain, or a list of specific domains. For example, you can select “folloze.com” to allow access to anyone entering from this domain, whether they are invited to the board or not.
- Only specific invited recipients by email campaign: Authorizes specific recipients, including board owner, editor and subscriber.
Note: If the lead is either from the selected domain or explicitly invited to the board, they can access the board.
Using the select domain list, you can allow a specific domain or multiple domains access to your board. Additionally, you can disable this list and consequently block any domains from entering your board. In this case, only specific people you invited in a campaign can access the board.
You can decide to revoke access from a specific domain that formerly had access. By removing this domain from the list of selected domains, leads that were not explicitly invited from this domain cannot enter the board any longer.
To configure 2 Factor Authentication:
- Click Select Domain and select the domains that can access your board.
|Any value||All domains can access the board.|
|One or more domains||A specific domain or multiple domains from the multi-select list can access the board.|
|Add Account Domain||
A domain of your choice that is not included in the list.
After entering the domain name, select Add.
- Click Done.
- To block all domains from entering and only allow access to invited people, disable the Select Domain toggle. When this toggle is disabled, you cannot select any domains from the list and you can only allow access to invited people.
- To allow access to only invited recipients, enable the checkbox Allow access to people you invite.
The list of recipients authorized to access the board is added by the campaign from Folloze, or by creating a trackable URL so all the recipients that appear in the pulse table are invited to access the board. If the checkbox is selected, all contacts invited by email or a trackable link are automatically authorized. If the email recipient shares the link with another person, they are not granted access. They need to be invited directly to view the board.
To learn more about tracking URLs, read Sharing content items.
To configure reauthentication settings:
You can decide how many days the 2 factor authentication is valid for. The default time limit is 30 days. After this time has elapsed the lead is required to reauthenticate using 2FA. For example, if you set a 30 day time limit the lead will not be prompted to complete 2FA for 30 days.
- Enter a number of days after which the lead must reauthenticate.