To ensure the security of sensitive data within Smokeball on your device and to comply with regulations in some states, we offer Two-Factor Authentication as an optional feature for staff members.
Setting Up Two-Factor Authentication
Smokeball Desktop App
Two-Factor Authentication can be managed via the individual users' staff card:
- Open the Smokeball desktop app and select the gear icon on the top-right corner to access Smokeball Settings.
- Select Staff & Users and double-click on the staff member's name.
- In the Edit Staff Member window, navigate to the Security section and click on Set up.
- Follow the prompts in the Two-Factor Authentication setup wizard.
- Enter your Smokeball password.
- Enter your mobile phone number.
- You will receive an SMS from Smokeball with a 6-digit code. Enter this code in the window.
- You will then be presented with some QR codes to download Google Authenticator for your device. Select Next if you already have an Authenticator app installed on your device.
You aren't restricted to only Google Authenticator - other Authenticator apps such as Microsoft Authenticator will work too. - On your Authenticator app, choose the option to Scan a QR code. Point your device at the QR code on the screen.
- Select Next. Enter the code displayed in your Authenticator app. Be quick, as the code will change to a new one after a short period.
- If the code is successful, you will receive a confirmation prompt. After this, you can close the window.
Once setup is complete, you will now have Two-Factor Authentication set up on your account. You will be required to authenticate on login going forward.Â
Check who has enabled Two-Factor Authentication in your firm
If you're a Firm Owner, go to the Staff and Users tab to view your staff's Two-Factor Authentication status. Staff members who have successfully set up Two-Factor Authentication will have a green tick to their name.
Opening a staff card also displays their Two-Factor Authentication status, but personal information such as the device used and the verification code will not be visible.
Smokeball Web App
To enable Two-Factor Authentication on the Smokeball Web App:
- Select the gear icon on the top-right corner of the Smokeball Web App, then select My Preferences.
- Select Account Security from the left panel.
- Select Enable 2FA under the Two-Factor Authentication section.
- Follow the prompts in the Two-Factor Authentication setup wizard.
- Enter your Smokeball password.
- Enter your mobile phone number.
- You will receive an SMS from Smokeball with a 6-digit code. Enter this code in the window.
- You will then be presented with some QR codes to download Google Authenticator for your device. Select Next if you already have an Authenticator app downloaded.
- On your Authenticator app, choose the option to Scan a QR code. Point your device at the QR code on the screen.
- Select Next. Enter the code displayed in your Authenticator app. Be quick, as the code will change to a new one after a short period.
- If the code is successful, you will receive a confirmation prompt. After this, you can close the window.
Once setup is complete, you will now have Two-Factor Authentication set up on your account. You will be required to authenticate on login going forward.Â
Working with Two-Factor Authentication
Once Two-Factor Authentication has been enabled for your account, you must verify yourself each time you log in to Smokeball via the desktop and web apps.Â
For security reasons, you are required to verify yourself every time you log in. There is no option to remember your device.
Smokeball is not accepting my code
If you are frequently experiencing an "Invalid Code" error when entering your verification code, ensure that the time on your mobile device and Windows/Mac device is in sync. 2FA is sensitive to time differences, even by a few seconds.Â
Important notes around Smokeball account security
- You must enable Two-Factor Authentication for yourself only.
- After your first login, your login credentials will expire after six months.
- You will receive a notification seven days before the password expiry, prompting you to reset your password. If you fail to reset your password, you will receive a notification indicating that you are working offline and need to reset your password.
- If you have lost your Two-Factor Authentication device or do not have access to the authenticator, contact our Support Team to regain access to your account.