Typically, to log into a service you require a username and a password. It is generally assumed that your username is public, so the only thing restricting access to your account is your password. Unfortunately, people tend to choose weak passwords that can be easily guessed, primarily because they’re also easy to remember.
One of the potential solutions to this is password managers. A password manager is a database that securely stores your passwords in an encrypted format, so you only need to remember two, the one to sign into your device and the one to sign into the password manager. This means you can then make every other password in your password manager a unique, long, and complex password.
The other option is called two-factor authentication, or 2FA. 2FA requires you to approve a signing device, typically your mobile phone, and then will require approval from your phone for every login attempt. Typically, this works by either sending a code to your phone, which you then need to enter into the website to login. Or, it might work by sending a push notification to your phone which needs to be approved.
Tip: Both 2FA and a password manager can be used at the same time for maximum security.
Setting up 2FA
If your workspace includes particularly sensitive data, then you may want all of your users to use two-factor authentication. Slack allows you to specify this as a requirement for all members of your workspace. If you choose to enable this setting, all new users will be forced to configure 2FA when they join the workspace. Existing users will be forced to configure it the next time they connect.
To require two-factor authentication workspace wide, you need to go into the workspace authentication settings. To get there, you first need to click on the workspace name in the top-right corner. Next, in the dropdown menu, select “Settings & administration”, then “Workspace settings” to open the workspace settings in a new tab.
Switch to the “Authentication” tab at the top of the page, then click on “Expand” in the “Workspace-wide two-factor authentication” section. In the expanded view, click the button labelled “Activate two-factor authentication for my workspace”. You’ll be required to enter your password to confirm the change.
Two-factor authentication is a strong security tool that significantly reduces the chance that anyone can gain unauthorised access to an account. By following the steps in this guide, you can enable mandatory two-factor authentication for all workspace members.