What is two-factor authentication?
Two-factor authentication (2FA) is an extra layer of security to ensure that even if your password is compromised, someone else cannot log into your account. This is done by pairing the password you use to sign in with a code provided by an authentication app on your phone or a browser plugin on your computer. Without this second authentication step, a hacker or malicious actor cannot log into your account even if they have your password.
Why am I being asked to set up two-factor authentication?
Beginning March 4th, two-factor authentication is required for all CrashPlan for Small Business administrators. This is a proactive measure intended to keep your organization's valuable business data secure following industry best practices for security.
See How do I set up two-factor authentication? for more information.
Can I turn off two-factor authentication?
Two-factor authentication cannot be turned off for any reason. If you need to reset your 2FA, see I need to reset my two-factor authentication.
I don't have a smart phone to use for two-factor authentication
Two-factor authentication can be set up on other mobile devices as well (such as an iPad). Administrators who do not have a suitable device or want to use an alternative method to authenticate can install a browser plugin to display the two-factor authentication code in their browser. We recommend Authenticator.
Do I have to use Google Authenticator for two-factor authentication?
While we only test on Google Authenticator and the Authenticator browser plugin, any Time-based One-Time Password (TOTP) application should work.
Can I set up two-factor authentication on multiple devices?
Yes. To set up, scan the QR code or manually enter the code presented when first setting up two-factor authentication on all the devices you want to use for authentication. Multiple devices should not be used to allow multiple users to log into a single account.
I'm getting an invalid code error when setting up two-factor authentication
Because two-factor authentication is time-based, an "invalid code" error occurs if the time between your mobile device and computer does not match or the device is in the wrong time zone. To resolve, ensure both your mobile device and computer are set to automatically set the time and have the same time zone set:
- Change the time - iOS
- Set time, date & time zone - Android
- Set the date and time on your Mac
- How to set your time and time zone - Windows
If you can't resolve the time difference between your devices, you can use browser-based authentication so that only your computer time is used. We recommend Authenticator.