How Two-Factor Authentication Protects Legal Data
Today is World Password Day! This year, the focus is on multi-factor authentication, described below. For additional security tips, visit the Password Day site or read our other security posts.
At Everlaw, we want you to take comfort in knowing your data is secure. One way you can do this is by enabling two-factor authentication.
What Is Two-Factor Authentication?
It’s a convenient and important security measure that protects your accounts and privileged data. The term refers to using two “factors” to verify a login attempt: one is your password and a second is a code from your email or your phone. That second factor makes it much more difficult to remotely hack into your account, because even if an attacker can glean your password, it is much harder for him or her to access your phone.
Even if you are unfamiliar with the term “two-factor authentication” (or its abbreviation, “TFA”), you may have used it. When accessing your bank account online, have you ever been asked to enter a number from your email or cell phone during login? That is a common example of TFA. Or perhaps this page looks familiar to you:
If so, then you have used two-factor authentication before! This is what you may see when logging into your Gmail account.
How Do You Enable Two-Factor Authentication in Everlaw?
Once logged in to your Everlaw account, click your name in the upper right hand corner. This will take you to your account page.
Under “Security & Authentication,” select the checkbox saying “Require Two-Factor Authentication.”
An authentication code will be emailed to you to verify the authentication request.
Type in this authentication code on your Everlaw account page.
Once activated, you will then need to authenticate every computer or device through which you’d like to access Everlaw by providing both your password (factor one) and a code (factor two).
Your second “factor” can be either your email or your smartphone:
Email:
When you log in, Everlaw will automatically send you an email with a 6-digit code. Copy-paste this code from your email into the Everlaw login screen.
Smartphone:
Download the “Google Authenticator” app on your phone: on Android or on iPhone. Everlaw will send the 6-digit code to your phone, which you can then type into the Everlaw login screen.
If you select “Remember this Computer” when logging in, then Everlaw will not ask for the second authentication factor when you log in from that same computer or device for 30 days. We recommend unchecking this option if you are on a shared or public computer to prevent unauthorized access. You can also clear the cookies/cache on your current browser at any time so that the computer is not recognized at your next login attempt.
If you are a case administrator, you can enable two-factor authentication for your entire case. Go to your Settings page and click on “MFA Required” so that it says “Yes.”
We hope this brings more clarity to the importance of two-factor authentication, and how to easily enable it for your litigation prep. Any questions? Let us know at feedback@everlaw.com! And catch up on other feature deep dives here.
Learn more on the Everlaw security page.