Two-factor authentication (2FA) protects your account and is mandatory when using splose.
If your password is compromised or stolen, you can have peace of mind knowing that no one can access your account without the code sent to the authenticator app on your device.
Important: Workspaces with SSO enabled are exempt from Splose 2FA requirements, as authentication and 2FA are handled by the SSO identity provider (e.g., Google Workspace, Microsoft 365).
How 2FA works
2FA is configured for the workspace by the account owner or administrator, and once set up all team members must have 2FA enabled to access the workspace.
2FA operates through code generation with an authenticator app. A consistent set of access codes are generated based on the unique QR code provided when you set 2FA up. Network access is not needed to continue to generate those codes.
Once you’ve set up 2FA, each time you log in you will be asked to provide a code generated by your chosen authenticator app.
Your log in details will be remembered for 7 days, after which you will need to sign in to your splose workspace again. You will need to enter your email and password, as well as a one-time, unique verification code sent to an authenticator app on your chosen device.
Important: users within a workspace that hit 7 days without 2FA enablement will be blocked from further access until setup is complete.
Before you begin
You will need an authenticator app before you set up 2FA.
Please see the table below for recommended authenticator apps and download links for your respective app stores.
App | Download Links |
Google Authenticator | |
Microsoft Authenticator | |
iOS | Android | Web Browser | |
You're not limited to the apps listed, but they've been vetted for transparency, encryption, and independent audit results.
We will continue to monitor security events and audits to ensure the security and reliability of the 2FA apps.
Please note that we recommend using dedicated authenticator apps, as opposed to password managers such as 1Password, because they keep your password and 2FA codes in separate places, further ensuring account security.
How-to
Enable 2FA for your workspace
Only account owners can enable 2FA for a workspace.
Enabling 2FA for your workspace makes enabling 2FA a requirement for both new and existing users within your workspace.
To enable 2FA:
Go to My account in the top right of the page
Then Account security
Click Enable 2FA
Ensure you have downloaded an authenticator app, then open the app and scan the QR code
Enter the authentication code sent you your phone and click Enable 2FA for your workspace
After you've done this, users who don't have 2FA enabled will be prompted to set it up when they log into their workspace.
You’ll need your authenticator app each time you log in so keep your phone handy when accessing splose.
Enable 2FA for your account
For team members who are not account owners or administrators, the owner of your workspace will enable 2FA, which you will then be required to enable for your own account.
Those new to the workspace will be prompted to set up 2FA when they sign in for the first time. Existing users will be prompted to enable 2FA from within their account or when they sign in if they are logged out.
To enable 2FA for your account:
Go to My Account and then Account security
Click Enable 2FA
Download an authenticator app
On your phone, open the authenticator app and scan the QR code to receive a verification code
Then enter the verification code provided by the authenticator app
Finally a confirmation will show that 2FA is successfully enabled. You will then have access to your splose account
Reset 2FA for a team member
Easily reset 2FA for users in the team when needed.
Important: Only an Account owner or Practice Admin can perform this action. If you are having issues using 2FA please reach out to your account admin.
To reset 2FA:
Go to Settings, then Users
On the Users page next to the relevant user, click the three dots (•••) in the 'Actions' column, then Reset 2FA
Resetting their 2FA will remove their current 2FA setup and send them an email to reconfigure it. When ready, click Send reset email
The user will then receive an email with a temporary reset link. After they click the link they'll be directed to log in with their password and set up 2FA again before accessing their account.
The reset link expires in 1 hour
Frequently Asked Questions
Can I use 2FA for multiple workspaces?
Can I use 2FA for multiple workspaces?
If you belong to multiple workspaces, then you will need to set up 2FA for each account separately.
Do I need coverage to access an authenticator app and get my code?
Do I need coverage to access an authenticator app and get my code?
Network access is not needed to continue to generate those codes. 2FA operates through code generation with an authenticator app. A consistent set of access codes are generated based on the unique QR given when you set 2FA up.
What if I want to add a new practitioner and set up their account with some appointments before they start?
What if I want to add a new practitioner and set up their account with some appointments before they start?
You can use your own authenticator initially then, once the practitioner is available, reset their 2FA and direct them to set up 2FA using their own authenticator.
Can I set up 2FA with multiple mobile phones for the same user?
Can I set up 2FA with multiple mobile phones for the same user?
Yes, you can have multiple devices set up for 2FA for the same splose user. It's done by scanning the same 2FA QR code on each device (so each device generates the same codes). To do this:
Make sure you have the same authenticator app installed on each device
In your splose account go to My account → Account security → Enable 2FA. A QR code will appear
On the first mobile phone, open the authenticator app and scan the QR code
In the second, and any further devices, open the authenticator app and scan the QR code
Troubleshooting
I've set up 2FA, but it's not working.
I've set up 2FA, but it's not working.
If you are an account owner who has set up 2FA and it isn’t working, please contact support via the chat.
If you are a practitioner or any other type of user, and your 2FA isn’t working, reach out to your account admin to reset your 2FA.
I have a new phone, and I can't access the authenticator app on my old phone!
I have a new phone, and I can't access the authenticator app on my old phone!
If you have a new phone, and you're unable to access your old phone, you will need to send a request to your account owner or practice admin to reset your 2FA. Once they have done that, you can set 2FA up on your account with your new phone.
I've entered the code displayed in my authenticator app, but it's not working
I've entered the code displayed in my authenticator app, but it's not working
Two-factor authentication (2FA) uses time-based security codes to protect your splose account. For these codes to be accepted, your device's internal clock must match the official "network time" used by our servers. If your device is not synced with network time, the security code generated will not be recognised, resulting in a login error.
Please note that your device only needs to check the network time occasionally to maintain accuracy; you do not need to maintain a constant internet connection for 2FA to continue working once the time is correctly set.
Click the link in the table below to learn how to change your device's time settings. Ensure that Set time automatically is set to ON.