We take your security seriously at Aircall. That’s why we offer several authentication methods to choose from, including:
To add to this, we are now introducing a new Two-Factor Authentication (2FA) mechanism to provide a further layer of protection to the username and password authentication process when logging into the dashboard. When set up, Aircall will require the user to not only enter their password, but also to provide a code (sent to that user’s email address) in order to access the dashboard.
Please note that this login method does not apply to users logging in to the phone app - it will apply to users who are logging into the dashboard only.
Having 2FA in place for accessing the dashboard offers several advantages:
- Increased security: 2FA adds an extra layer of authentication beyond just a password, requiring an intruder to first gain access to the user’s Aircall password, and then to their email, before gaining access to the Aircall dashboard.
- Phishing protection: 2FA can guard against phishing attacks in that attackers not only need the password, but also an additional factor (the temporary code) that changes over time.
- Enhanced logging capabilities: 2FA systems often log details about authentication attempts, making it easier to detect suspicious activities and monitor system security.
- Reduced risks from weak passwords: Security is not solely reliant on password strength
In summary, the implementation of 2FA is an effective strategy to bolster security in accessing dashboards and other systems, providing an additional barrier against potential cyber threats.
Activating Two-Factor Authentication
To enable this feature in your account, please follow the steps outlined below:
-
Start the activation process. Click on My Company in the bottom left of the dashboard, and navigate to the Security tab. Then click the button “Enable Two-factor Authentication”.
-
Proceed through the activation flow. A new screen will appear entitled ‘Protect your company accounts’. This is the beginning of the 2FA activation flow. Once you’re ready to begin, click Start.
-
Receive your security code. Aircall will send an email to the address associated with your account that contains a 6-digit security code.
-
Enter your security code into the dashboard. Enter this code into the field as shown in the screenshot below, and click Next. Please note that this code has a validity period of 10 minutes. Once this time has elapsed, the code will no longer be valid.
-
Confirmation or error message. If successful, the screen will now display a message stating that 2FA is now able to be activated for all users with dashboard access.
If the code was entered incorrectly or has expired, an error message will appear to notify you that something has gone wrong.
Users can request the delivery of a new code up to three times. If, after the third attempt, they still haven't gained access, they will need to restart the entire process and can contact Support for assistance. -
Activate Two-Factor Authentication for all users with dashboard access. You will now be asked for confirmation that you wish to enable 2FA for all users of your company account with dashboard access. To confirm, click Enable. At this point, all users seeking access to the Aircall dashboard will be sent through the Two-Factor Authentication process. Please note that users without dashboard access, who are logging in via the phone app, will not be asked to log in with two-factor authentication.
Logging in once Two-Factor Authentication is active
Once 2FA is activated for your company, the login process for users accessing the dashboard will look like this:
- Users will need to provide their username and password.
- They will receive a 6-digit security code to the email associated with their account, and will then be prompted to enter this security code as shown below:
- If successful, the user will gain access to the Aircall dashboard. If not successful (for example, the code was incorrect or expired), an error message will appear.
- Users will then be able to select Send a new code which will request a new code to be sent to the email address associated with their account.
- Users may request the delivery of a new code up to three times. If, after the third attempt, they still have not gained access, they must restart the process and can contact Support for assistance.
Disabling Two-Factor Authentication
To disable 2FA, a user with an Owner role must navigate to the My Company section of the dashboard and then to the Security tab. They must then click the button “Disable Two-Factor Authentication”.
A confirmation message will then pop up, at which point the user must confirm that they do indeed wish to disable 2FA. After clicking Disable Two-Factor Authentication, all users with dashboard access will revert to the typical username and password login process.