As the digital landscape evolves and new technology is introduced, software solutions are increasingly essential for organizational operations. On average, organizations with 1 to 500 employees use around 172 applications in their tech stack, which means managing multiple users and logins—a task that demands the highest level of security. Software as a Service (SaaS) providers now bear a greater responsibility than just delivering innovative solutions; they must also protect sensitive user data and maintain customer trust by implementing best-in-class security and compliance measures.
At Formstack, your account and data security are a top priority. Formstack’s Chief Information Security Officer, Ashley Nuckols states,
"At Formstack, we take data security and compliance very seriously because customer data, your data, is at the core of what we do. We are continually checking to ensure that we not only match but exceed best recommended security practices and keep up to date on the latest security and privacy regulations. Our goal is to provide peace of mind so that our users can focus on what matters most—driving their business forward."
Understanding the Cyber Threat Landscape
With the rise of sophisticated cyber attacks, credential-based breaches are becoming more prevalent. According to the 2023 Verizon Data Breach Investigations Report, 83% of breaches involved external actors, and 49% of these incidents were due to stolen credentials. What does this mean? This means that relying solely on passwords is no longer sufficient for safeguarding identities and accounts. That’s why it's crucial for organizations to adopt stronger security measures, such as two-factor authentication (2FA), to better protect their applications and data.
What is Two-Factor Authentication?
Two-factor authentication (2FA) is a simple and effective way for organizations and software and technology vendors to confirm that users are who they say they are when accessing web or mobile applications. It’s a form of multi-factor authentication that strengthens account security by requiring users to verify their identity through two different methods, or authentication factors. Think of it like unlocking your iPhone: you enter your password and then scan your fingerprint. The same concept applies to accessing web and mobile apps. The recipe for two-factor authentication includes:
- Something You Know: This is usually a password or a PIN.
- Something You Have: This could be a unique code sent to your phone, a hardware token, or a mobile authentication app.
By requiring an additional verification method, it is significantly more challenging for threat actors to gain access to your account. For example, even if an external actor manages to gain access to your password, they would still need access to your phone or authentication device to successfully login to your account. It adds a crucial barrier that can prevent unauthorized access, even in the event of a data breach or phishing attack. For this reason, organizations and service providers now consider two-factor authentication a best practice for safeguarding sensitive information and maintaining the integrity of user accounts.
How does Two-Factor Authentication Work?
At Formstack, we provide our customers with the reassurance of knowing that our solution adheres to best-in-class security standards, so you don’t have to worry about what measures to take on your account. Strong security for your systems relies on a dynamic approach built from a variety of tools and policies. Knowing that enabling two-factor authentication significantly reduces credential-based breaches, we require this to be enabled on all Formstack accounts.
Once two-factor authentication is enabled, every time you log in, Formstack will send an authentication code to your mobile device. Depending on your preference, this code can be generated by an authenticator app like Duo or Authy, or delivered via text message (SMS). To complete the login process, you’ll need both your password and this code.
How to Enable Two-Factor Authentication on your Account
Setting up two-factor authentication on your Formstack account is simple. For Org Admins, go to the Admin page by selecting “Administration” in the product switcher or navigating directly to admin.formstack.com. Standard users can enable two-factor authentication by clicking on their name in the application header and selecting ‘Update Your Profile’. Scroll down to the “Profile security” section and toggle on Two-factor authentication. Then, follow the on-screen instructions to set up 2FA with your preferred method.
For a detailed guide on how to set up two-factor authentication refer to our support article here.
