Two-Factor Authentication Is Rolling Out On JustGiving
As part of Blackbaud’s ongoing commitment to online security, we’re pleased to let you know we have been and will continue to enable two-factor authentication on JustGiving user accounts worldwide.
What is two-factor authentication?
Two-factor authentication is a version of multi-factor authentication, which is an electronic validation method in which a user is granted access to a website or application only after successfully presenting two or more pieces of evidence. You may be familiar with this experience when logging into other systems that require you to enter a code that is texted or emailed to you in order to access the program. This is a heightened verification approach that uses something you have, something you know, or something you are (like a thumbprint or face scan) in order to grant access.
This enhancement requires you to enter your username and password first. Then, a six-digit code will then be emailed to you, and you will submit that code in order to successfully log in. You will receive a prompt to submit a new code every seven days, upon log in.
Why does my account need two-factor authentication?
By releasing two-factor authentication, we can fortify the security which keeps your donor, fundraiser and organization’s data even safer on JustGiving. This is an industry standard approach to ensuring each user is who they say they are and to keep your data safe and secure.
When will my account get two-factor authentication?
This year, we are releasing two-factor authentication as a requirement for all administrator accounts. We have been rolling out the requirement to some users already and expect everyone to leverage two-factor authentication by the end of the year.
Anything else I need to know?
-
Additional forms of authentication may come along in the future for admins, donors, and fundraisers.
-
Additional authentication is optional for donors and fundraisers on the platform (at this time).
-
Timeout for the access code is 15 minutes.
-
Users can only request ten verification codes every hour of an attempted sign-in.
-
You can learn more about this change with our Help Documentation.
Actions Required:
-
Log in now and make sure the correct email addresses are listed for your admins.
-
Remove any users who have left your organization. Learn more about managing your users here.
-
Keep an eye out for an email from us- we will give you a heads up 10 days prior to your account being updated.
Leave a Comment
The best mobile 2fa platform solutions don’t require your users to download any extra software or hardware, which makes them ideal for businesses that are looking to keep their data and customer information private. Authy, for example, is an app that automatically generates 2FA tokens on new devices and protects them by storing them in the cloud.