For added security on your account, StakeTracker allows users to enable two-factor
authentication. This adds an additional step to the process of logging in to
StakeTracker, keeping your account safer.

Note: When you enable two-factor authentication (also known as two-step authentication) on your StakeTracker account, it will be mandatory for all users


Why enable two-factor authentication?

Two-factor verification adds an extra layer of security. Most people only have
one layer – their username and password – to protect their accounts. With two-factor
authentication, if someone hacks through your username/password layer or gains
access to your email address to reset your password, they’ll still need to retrieve
a verification code sent to you via a second email to get into your StakeTracker

How does two-factor authentication work with StakeTracker?

StakeTracker sends each user an email with a six digit code when they log in
(future releases may support text message (SMS) verification on Canadian or USA
phone numbers).

When two-factor authentication is enabled, logging in to StakeTracker has an
extra step:

  1. The user will first enter their username and password, as is normally required.
  2. Next, they will be prompted to input a six-digit security code sent to them
    via email. The six-digit code is only available for 3-minutes, after which,
    a new code will have to be generated. This means that even if someone learns
    the code you used last time you logged in, that same code can’t be used access
    your account in the future.


Enabling two-factor authentication in StakeTracker

The StakeTracker Enterprise Administrator is the only person who can enable two-factor
verification on your StakeTracker account, and it is for the entire organization,
and not per user. It is enabled as follows:

  1. Log into StakeTracker
  2. Navigate to <Administration>, <Enterprise-wide settings>
  3. In the section called ‘Optional security settings’, select the second option,
    Enable two-factor authentication for all users (User ID/password plus email confirmation)’

  4. Click Save & close. Now you’ve successfully enabled two-factor
    authentication for your organization. The next time any user logs in to StakeTracker,
    they’ll be asked to enter a verification code.


Note: Because two-factor authentication is made mandatory for the entire organization, by the StakeTracker Enterprise Administrator, it cannot be disabled by any other user-role.