Summary
Security is our top priority. Today we're announcing two-factor authentication (2FA) for admin accounts, adding an extra layer of protection to your workforce data.
What is Two-Factor Authentication?
2FA requires two forms of verification to access your account:
- Something you know: Your password
- Something you have: Your phone (for verification codes)
Even if someone steals your password, they can't access your account without your phone.
Why We Added This
Your NestedClock account contains sensitive data:
- Staff personal information
- Time and attendance records
- Payment information
- Photos and biometric data
2FA significantly reduces the risk of unauthorised access.
How It Works
- Enable 2FA: Go to Account Settings → Security
- Scan QR code: Use an authenticator app (Google Authenticator, Authy, etc.)
- Save backup codes: Store these safely in case you lose your phone
- Login with 2FA: Enter password + 6-digit code from your app
Key Features
Industry Standard
We use TOTP (Time-based One-Time Password), the same standard used by banks and major tech companies.
Backup Codes
Receive 10 backup codes when you enable 2FA. Each can be used once if you lose access to your authenticator app.
Trusted Devices
Option to trust devices for 30 days, reducing the frequency of 2FA prompts on your regular devices.
Easy Recovery
If you lose your phone, use backup codes or contact support for account recovery.
Recommended Authenticator Apps
- Google Authenticator: Simple and reliable
- Authy: Cloud backup and multi-device support
- Microsoft Authenticator: Integrates with Microsoft accounts
- 1Password: If you use 1Password for passwords
Best Practices
- Enable 2FA on all admin accounts
- Store backup codes securely (not on your phone)
- Use a strong, unique password
- Don't share your authenticator app
- Review trusted devices regularly
Who Should Use 2FA?
We recommend 2FA for:
- All admin accounts (required for some plans)
- Accounts with access to sensitive data
- Accounts used on shared or public computers
- Business owners and managers
Performance Impact
2FA adds only 5-10 seconds to login time but provides significantly enhanced security. It's a small price for peace of mind.
Availability
Two-factor authentication is available now for all NestedClock customers at no additional cost.
Secure your account today. Enable 2FA in your account settings.