What is Two-step Verification?
Two-step Verification is one of Socketlabs' additional security features. It prevents unauthorized users from logging into your Socketlabs Control Panel even if they have acquired your username and password.
It does this by using one of your personal devices to verify your identity. When you set up two-step verification, you register a device with us that you know you will be able to access whenever you are logging in. This device can be a smartphone, tablet, laptop or desktop computer, really any device that can receive SMS or on which a Google Authenticator application can be installed.
Every time you attempt to log into the Socketlabs Control Panel, a special verification code will be sent to your device via SMS or Google Authenticator. This verification code must then be entered to complete the login process. Without your personal device, no one else can access your account!
How do I set up Two-Step Verification?
Each user can set up Two-Step Verification for their individual account by taking the following actions.
Please note that once you complete this process, you will be required to verify your identity using two-step authentication every time you log in.
What if I can't access the device I use for Two-Step Verification?
Sometimes a phone gets lost or stolen, a computer becomes non-functional, you leave a device behind when going on vacation, or any of a thousand little things can happen to prevent you from accessing your device. We understand this and therefore provide a couple of backup options for accessing your account when the primary method you selected is unavailable.
Backup Phone Number
During Two-Step Verification setup, you will be presented with the option to provide a backup phone number for verification via SMS. You can also provide this at a later time by viewing the Security page and selecting "Add a backup phone number". When you are asked for a verification code while logging into Socketlabs' Control Panel, click on the "Having trouble?" link and then select "Send a verification code to my backup phone number ending with XXXX". This will allow you to enter a code sent to your backup phone.
When you set up Two-Step Verification, we provide you with a set of printable, one-time-use Backup Codes. When you are asked for a verification code while logging in, click on the "Having trouble?" link and then select "Let me enter one of my backup codes". Remember: each of these codes are usable one time only. We recommend keeping this list in a secure location and crossing any codes you have used off of your list.
If you use the last of your Backup Codes, do not log out without navigating to the Security page and selecting "Regenerate backup codes"! This will provide you with a whole new set.
How do I turn off Two-Step Verification?
To turn off Two-Step Verification for your user account, follow the instructions below.
If you are the account owner, you can see whether or not Two-Step Verification is enabled for each particular user on the same account. Should you need to turn off Two-Step Verification for another user, follow these instructions.
How do I change my Two-Step Verification device or method?
You may change your Two-Step Verification settings at any time by navigating to the Security page and clicking Edit next to the phone number you wish to change. You may also click Remove next to the Backup number if you no longer wish to provide a secondary device.
If you have enabled SMS verification and wish to switch to Google Authenticator (or vice versa), simply Remove your existing configuration and then click Enable Two-Step Verification to begin again.
Google Authenticator must be set up anew for each new device.