Settings (Basic): Two-Factor Authentication
Two-factor authentication (2FA) adds an extra layer of security when accessing TaxDome. The additional step of authenticating your identity makes it much harder for an attacker to access your data, even if your credentials have become compromised. All TaxDome users can turn on 2FA, whether you’re a firm owner, team member, or client. We recommend you do—we want everyone to be safe!
- Enabling Two-Factor Authentication
- Enabling the Backup Authentication Method (SMS)
- Signing in With Two-Factor Authentication Enabled
- I’ve Upgraded My Cell Phone
- What Happens if I Lose My Cell Phone?
- Disabling Two-Factor Authentication on Your Account
- Disabling Two-Factor Authentication for Clients and Team Members
Enabling Two-Factor Authentication
Once you enable two-factor authentication, you’ll need to have your smartphone handy whenever you log on to your TaxDome account. When you do, you’ll be confirming your identity by typing in the code provided on your mobile device.
To turn on two-factor authentication to add an extra level of security, follow these steps:
1. Go to Settings, toggle onTwo-factor authentication toggle, enter your TaxDome account password, then click SUBMIT.
2. You’ll be presented with a list of applications that can be used for two-factor authentication. Install the Authy application (or Google Authenticator, Microsoft Authenticator, etc.) on your phone, then tap Scan a QR code.
3. Click NEXT STEP on your computer screen, then scan the barcode with your phone.
4. Click the NEXT STEP button on your computer screen, enter the six-digit code that the authenticator app provides, then click VERIFY. Two-factor authentication is now enabled.
Note! If you enable 2FA, you will have to generate a code from your phone whenever you log in. If you lose access to your smartphone, it will take some time to access your account without it, so having a secondary device for 2FA is a good backup plan. We recommend the Authy application because it allows you to include a backup secondary phone number. When you install Authy on your primary mobile device, you can add the number of the additional trusted device. Read the detailed instructions here.
Enabling the Backup Authentication Method (SMS)
We strongly recommend you use our backup authentication method that uses text. It’s especially helpful if you lose access to your authenticator app. You confirm your identity by typing the code sent to your mobile device.
To enable the backup authentication method, follow these steps:
1. Go to Settings, toggle on Turn on the backup authentication method (SMS), enter your TaxDome account password, then click SUBMIT.
2. A Backup authentication method pop-up appears asking for your phone number.
3. Enter your phone number, then click NEXT STEP on your computer screen. Enter the six-digit code that you received via text, then click VERIFY. Your backup authentication method is now enabled.
Note! You have 10 tries to enable the SMS backup authentication method. If all 10 are used up, the Next Step button is disabled. To enable it again, you’ll need to reach out to our tech support. We’re always here to help.
Signing in With Two-Factor Authentication Enabled
Once two-factor authentication is enabled, you’ll be prompted to enter an authentication code whenever you sign in.
When prompted, open Google Authenticator (or the authenticator app you are using) on your smartphone, then enter the provided code.
Note! The code in Google Authenticator changes every 30 seconds, so if it is not accepted by TaxDome, enter the new one.
If you don’t have access to your authenticator app and you have turned on backup authentication, click on the Send SMS code to your phone link. A text will be sent to your phone, and you’ll then be able to log in.
Note! You have 10 tries to resend a code via text. If all 10 are used up, the button gets disabled. To enable it again, you’ll need to reach out to our tech support. We’re always here to help.
I’ve Upgraded My Cell Phone
If you have a new cell phone, you can continue using two-factor authentication for your account. Here’s how to transfer it over to your upgraded device:
1. Import your authenticator app account to your new phone: Download the app to the device. Next, you are prompted to enter your phone number. (Authy uses your phone number as a way to store your account, making it easier to retrieve.)
2. Once you’ve entered your number, a new prompt asks you to verify your account in one of three ways: using your old device, by phone, or by text.
Using an existing phone is the easiest and safest method.
3. Select Use existing device, and you’ll then see a WAITING FOR APPROVAL pop-up.
4. Next, a notification will appear on your previous phone to approve your new device. Select Accept. Enter Yes (on iPhone) or OK (on Android). Your new device now has access to your account.
What Happens If I Lose My Cell Phone?
If you can’t use your authenticator app because you no longer have your phone and you don’t have a backup code, click No access to application? (see below), then send an email to the address provided.
- If you’re a team member of a firm, the firm owner is notified, and they’ll be able to disable 2FA on your account.
- If you’re a firm owner, you’ll need to verify your identity by sending a photo of your driver license along with a selfie of you holding it up to firstname.lastname@example.org. This way, we can make sure it’s you! Note that the verification process usually takes one business day.
Disabling Two-Factor Authentication on Your Account
If you no longer want to two-factor authentication to log on, you can disable it. Go to Settings, toggle off Two-factor authentication, enter your TaxDome account password, then click SUBMIT.
Disabling Two-Factor Authentication for Clients and Team Members
As a firm owner, you can disable two-factor authentication for clients and team members if they have lost access to their authenticator app. When they clicked the No access to application? link, you receive a notice at the same email you use for all your notification alerts. Or you can set up a separate email for these kinds of issues: Navigate to Settings, select the Firm Settings tab, enter email in Two-Factor Authentication (2FA) Reset section, then click SAVE.
Once you’re aware that a client or team member is having trouble signing in, you can disable 2FA.
For a client:
Navigate to the Info tab of the client’s profile, click on the three dots to the right of the client’s email address in the Contacts section, then click Disable Two-factor Authentication.
For a team member:
1. Navigate to Settings, open the Team & Plans tab. In the Active Team Members subtab, you’ll see which team members have 2FA enabled.
2. Click on the three dots to the far right of the team member’s name, select Disable Two-factor Authentication, then click CONFIRM.