Enhancing Account Security with Two-Step Authentication
Enabling two-step authentication (also known as two-factor authentication or 2FA) greatly improves the security of your account and protects your project's data. It is completely optional but we recommend all our users to enable it.
To enable 2FA go to user settings and click Add 2FA Method. Using an authenticator app of your choice (Google Authenticator, Authenticator Plus) scan the displayed QR code to connect your device.
To confirm that the set-up is working, you will be asked to enter a 6-digit temporary code from the authenticator app. Once the 2FA method is setup, you will be required to enter this type of code every time you login to your Reflow account.
If you lose your device or can't generate a 6-digit code for any reason, you can login using a backup code.
Backup Codes
When you configure your first 2FA method you should be presented with a backup code. This code follows the pattern xxxx-xxxx-xxxx-xxxx
and is displayed only once (at the time its generated). It is very important you copy this code and save it somewhere safe.
The backup code can be used in the case you lose access to your 2FA-enabled device. When logging in, select Sign in another way -> Use backup code and enter the code string.
Using a backup code to login will disable all 2FA methods and expire the code. If you wish to enable 2FA back on, you will need to generate a new backup code from the user settings.
Save the backup code in a secure location, preferably on a piece of paper or a USB flash drive that are stored in a cabinet only you have access to. A 3rd party secure password manager such as Bitwarden is also an option.
If you lose your backup code but still have access to your Reflow account, you can generate a new backup code from the user settings. This will invalidate all previous backup codes.
Best Practices
- We will send you emails when any of the 2FA settings are changed. If you receive an email but haven't personally made changes to your account, contact us immediately.
- When switching to a new phone (or factory resetting your current one) it is best to remove any old 2FA methods associated with the old device, and then re-configuring then for the new phone.
- If you have multiple devices, you can setup 2FA on all of them. This way you will not be locked out of your account if you lose access to one of them. Either scan the same QR code with multiple devices or generate separate codes for each device.
- If you want to collaborate with other people on a Reflow project, we recommend using the Teams Feature instead of sharing an account. This way all project members can setup 2FA for their own accounts.
- In the case you have lost both your backup code and all of your 2FA devices, please contact us. Our customer support team will ask you a series of question in order to prove your identity and give you access to your account.