Understanding Quipt's Two-Factor Authentication (Email Verification)

What is Two-Factor Authentication (2FA)?

Two-Factor Authentication is an extra layer of security for your Quipt account. In addition to your password (something you know), 2FA requires a second piece of information (something you have, like access to your email) to verify your identity. This makes it significantly harder for unauthorized individuals to access your account, even if they  somehow obtain your password.

How Quipt's Email 2FA Works:

1. Login: Enter your registered email address and password on the Quipt login page as usual.
2. Verification Trigger: If you are logging in from a new device/browser OR if it has been more than 90 days since you last verified your identity on your current device/browser, Quipt will trigger the 2FA process.
3. Receive Code: Quipt will automatically send a unique verification code to the primary email address associated with your user profile.
4. Enter Code: Check your email inbox for the code. Return to the Quipt login screen and enter the code when prompted.
5. Access Granted: Once the correct code is entered, you will be logged into your Quipt account. Your device/browser combination will typically be remembered for the next 90 days, meaning you won't need to enter a code every time during that period unless you log in from somewhere new.

Why We Use Email Verification: We chose email verification as our primary 2FA method for several key reasons:

• Accessibility: Nearly all users have consistent access to their email, making it a widely available and user-friendly method.
• Simplicity: It doesn't require installing specific authenticator apps or relying on SMS delivery, simplifying the process for many users.
• Balance: It provides a significant security enhancement over just a password, striking a good balance between robust protection and ease of use for our diverse client base.

Why Re-verify Every 90 Days? Security is an ongoing process, not a one-time setup. Requiring re-verification via email every 90 days serves important security functions:

• Maintains Security Posture: Regularly confirms that the person accessing the account still controls the registered email address.
• Mitigates Long-Term Risk: Reduces the risk associated with devices that might have been lost, sold, or compromised without your knowledge after the initial verification.
• Balances Security & Convenience: This frequency provides a periodic security check-up without being overly intrusive to your daily workflow, aiming for the right balance between user experience and necessary security measures.

Benefits To You:

• Enhanced Account Security: Significantly reduces the risk of unauthorized access.
• Data Protection: Helps protect your sensitive business information (inventory, orders, supplier data, etc.) stored within Quipt.
• Increased Confidence: Provides peace of mind knowing your account has an additional layer of security.

Troubleshooting:

• Didn't receive the email code?
  • Please allow a few minutes for the email to arrive.
  • Check your Spam or Junk email folders.
  • Ensure the email address registered in your Quipt user profile is correct and accessible. You may need an administrator to verify this if you cannot log in.

Need Further Assistance? If you are experiencing issues with Two-Factor Authentication or have questions, please contact our support team at support@getquipt.com.