Enhancing Your CloudCart's Store Security with Two Factor Authentication (2FA)

‍

Due to security concerns and the need to protect sensitive system actions, Two-Factor Authentication (2FA) has been implemented. This article outlines the required steps to use 2FA for enhanced protection, giving users the option to choose between app or email authentication.

From October 15th, 00:00, users who have not activated the app-based 2FA, will be required to use email-based 2FA, with email notifications sent by default. Users who already use 2FA via app will not be affected. Additionally some sensitive information actions will be also protected by 2FA, for example - exporting orders or customers. The email verification will be sent to the email address you are logged in with no matter if you are the owner or administrator of the online store.

If you are having trouble accessing your account, please reach out to your Customer Success Manager (CSM) or the Support Team for help.

In today's digital landscape, safeguarding your online store is more important than ever. This article explores the importance of Two-Factor Authentication (2FA) for your CloudCart store, addressing common security vulnerabilities and providing CloudCart’s straightforward solution to enhance your store's protection.

Problem Description

Online stores often face threats such as unauthorized access, data breaches, and fraudulent activities. Relying solely on a password leaves your store vulnerable. For example, if a hacker obtains your password through phishing or data leaks, they can easily access sensitive information, including customer data and financial records. This situation can lead to a loss of trust from customers and significant financial repercussions.

‍

Consider a scenario where a store owner does not use 2FA. A malicious actor gains access to the owner's account, manipulates pricing, or steals customer data, resulting in a damaged reputation and potential legal issues.

‍

Solution Steps

Implementing 2FA in your CloudCart store is an effective way to bolster security. Follow these steps to set it up:

Step 1: Choose Your 2FA Method

You may find this option in your Admin profile (/admin/account/profile), as shown in the screenshot below:

You can choose between an authenticator app, browser plugins, or email-based verification, which is active by default. Popular authenticator apps and tools include:

Mobile Authenticator Apps

• Google Authenticator
• Authy
• Microsoft Authenticator
• Duo Mobile
• LastPass Authenticator
• FreeOTP

Desktop Authenticators and Browser Plugins

• Authy Desktop (Windows, macOS, Linux)
• 1Password (Browser extension and desktop app)
• Bitwarden (Browser extension and desktop app)
• Duo Mobile Browser Extension (for various browsers)

Step 3: Email based 2FA

If you prefer not to use an authenticator app, this option is set by default. However, if you decide to use an app, you will not be able to revert to email.

Confirm Your Email Address: Make sure your email address is correct, as this is where the verification codes will be sent.

Step 3: Setting Up 2FA Using an Authenticator App

1. Download and Install the App: Choose an authenticator app from your device's app store and install it.
2. Access Your CloudCart Account: Log in to your CloudCart account and navigate to the Admin Profile (/admin/account/profile).
3. Scan the QR Code: You will see a QR code on the screen. Open your authenticator app, add a new account, and scan the QR code.
4. Enter the Verification Code: The app will generate a code. Input this code into CloudCart to finalize the setup.

Additional Tips

• Regularly Update Your Password: Change your password every few months to further enhance security.
• Be Cautious with Phishing Attempts: Always verify the authenticity of emails before entering your credentials.
• Test Your 2FA Setup: After enabling 2FA, perform a sensitive action to ensure everything is functioning correctly.

Common Mistakes to Avoid

• Neglecting Backup Codes: If your authenticator app becomes inaccessible, ensure you store backup codes in a safe place.
• Not Regularly Reviewing Security Settings: Regularly check your security settings to ensure they are up to date.

FAQs

Q1: What is Two Factor Authentication (2FA)?
A1: 2FA is a security measure that requires two forms of verification before granting access to an account. This adds an extra layer of protection beyond just a password.

Q2: Do I need to use an authenticator app for 2FA?
A2: No, you can choose to remain with email based verification, which is active by default as an alternative to an authenticator app.

Q3: What should I do if I lose access to my authenticator app?
A3: Contact CloudCart’s support team or your dedicated CSM.

Q4: Can I use multiple authenticator apps?
A4: Yes, you can set up multiple authenticator apps for redundancy. Just ensure they all have access to the same account.

Q5: How do I disable 2FA if I no longer want it?
A5: For enhanced safety, you cannot disable it.

Contact Support

If you have any questions or need further clarification regarding the 2FA setup process, do not hesitate to contact CloudCart's support team for assistance. They are available to help you enhance the security of your online store.

‍