Settings (Basic): Two-factor authentication
Two-factor authentication (2FA) adds an extra layer of security when accessing TaxDome. The additional step of authenticating your identity makes it much harder for an attacker to access your data, even if your credentials have become compromised. All TaxDome users can turn on 2FA, whether you’re a firm owner, team member, or client. We recommend you do—we want everyone to be safe!
Enable two-factor authentication for all team members
Note! This section is for firm owners and admins only.
As the owner of your firm or admin, you can choose whether or not your team members need to use two-factor authentication (2FA).
To make 2FA mandatory for everyone on your team, do the following:
- Go to Settings > Firm Settings from the left menu bar.
- Scroll down until you see the Two-Factor Authentication (2FA) section.
- Check the box that says Require 2FA for all team members.
- Click the Save button to confirm your decision.
Starting now, every firm employee will need to enter a one-time code when logging into the firm portal. If you wish to deactivate this feature, you can do so by unchecking the Require 2FA for all team members checkbox.
Disable two-factor authentication for clients and team members
Note! This section is for firm owners and admins only.
As a firm owner or admin, you can disable two-factor authentication for clients and team members if they have lost access to their authenticator app. When they clicked the No access to application? link, you receive a notice at the same email you use for all your notification alerts. Or you can set up a separate email for these kinds of issues: click your profile at the top right, then go to Account settings and enter your email in the Two-factor authentication (2FA) section, then click Save.
Once you’re aware that a client or team member is having trouble signing in, you can disable 2FA.
For a client:
Navigate to the Info tab of the client’s profile, click on the three dots to the right of the client’s email address in the Contacts section, then click Disable Two-factor Authentication.
For a team member:
1. Go to Settings > Team & plans from the left menu bar. You’ll see which team members have 2FA enabled.
2. Click on the three dots to the far right of the team member’s name, select Disable Two-factor Authentication, then click Confirm.
Enable two-factor authentication for your account
Once you enable two-factor authentication, you’ll need to have your smartphone handy whenever you log on to your TaxDome account. When you do, you’ll be confirming your identity by typing in the code provided on your mobile device.
To turn on two-factor authentication in your, follow these steps:
1. Click your profile at the top right, then go to Account settings, toggle on Two-factor authentication toggle, enter your TaxDome account password, then click Submit.
2. You’ll be presented with a list of applications that can be used for two-factor authentication. Install the Authy application (or Google Authenticator, Microsoft Authenticator, etc.) on your phone, then tap Scan a QR code.
3. Click Next Step on your computer screen, then scan the barcode with your phone.
4. Click the Next Step button on your computer screen, enter the six-digit code that the authenticator app provides, then click Verify. Two-factor authentication is now enabled.
Note! If you enable 2FA, you will have to generate a code from your phone whenever you log in. If you lose access to your smartphone, it will take some time to access your account without it, so having a secondary device for 2FA is a good backup plan. We recommend the Authy application because it allows you to include a backup secondary phone number. When you install Authy on your primary mobile device, you can add the number of additional trusted devices. Read the detailed instructions here.
Enable the backup authentication method (SMS)
We strongly recommend you use our backup authentication method that uses text. It’s especially helpful if you lose access to your authenticator app. You confirm your identity by typing the code sent to your mobile device.
To enable the backup authentication method, follow these steps:
1. Click your profile at the top right, then go to Account settings. Toggle on Turn on the backup authentication method (SMS), enter your TaxDome account password, then click Submit.
2. A Backup authentication method pop-up appears asking for your phone number. Be sure to include the country code.
3. Enter your phone number with the country code, then click Next Step. Enter the six-digit code that you received via text, then click Verify. Your backup authentication method is now enabled.
Note! You have 10 tries to enable the SMS backup authentication method. If all 10 are used up, the Next Step button is disabled. To enable it again, you’ll need to reach out to our tech support. We’re always here to help.
Sign in with two-factor authentication enabled
Once two-factor authentication is enabled, you’ll be prompted to enter an authentication code whenever you sign in.
When prompted, open Google Authenticator (or the authenticator app you are using) on your smartphone, then enter the provided code.
Note! The code in Google Authenticator changes every 30 seconds, so if it is not accepted by TaxDome, enter the new one.
If you don’t have access to your authenticator app and you have turned on backup authentication, click on the Send SMS code to your phone link. A text will be sent to your phone, and you’ll then be able to log in.
Note! You have 10 tries to resend a code via text. If all 10 are used up, the button gets disabled. To enable it again, you’ll need to reach out to our tech support. We’re always here to help.
I’ve upgraded my cell phone
If you have a new cell phone, you can continue using two-factor authentication for your account. Here’s how to transfer it over to your upgraded device:
1. Import your authenticator app account to your new phone: Download the app to the device. Next, you are prompted to enter your phone number. (Authy uses your phone number as a way to store your account, making it easier to retrieve.)
2. Once you’ve entered your number, a new prompt asks you to verify your account in one of three ways: using your old device, by phone, or by text.
Using an existing phone is the easiest and safest method.
3. Select Use existing device, and you’ll then see a WAITING FOR APPROVAL pop-up.
4. Next, a notification will appear on your previous phone to approve your new device. Select Accept. Enter Yes (on iPhone) or OK (on Android). Your new device now has access to your account.
What happens if I lose my cell phone?
If you can’t use your authenticator app because you no longer have your phone and you don’t have a backup code, follow this steps:
- If you’re a team member of a firm, contact your firm owner directly and they’ll be able to disable 2FA on your account.
- If you’re a firm owner, send an email to success@taxdome.com with a photo of your driver license along with a selfie of you holding it up. This way, we can verify your identity and make sure it’s you! Note that the verification usually takes one business day.
Disable two-factor authentication on your account
If you no longer want to two-factor authentication to log on, you can disable it. Click your profile at the top right, then go to Account settings. Toggle off Two-factor authentication, enter your TaxDome account password, then click Submit.
Attention! This setting cannot be turned off if it has been enabled at the firm level by the firm owner.