Enabling Two-Factor Authentication (2FA) in SmartPush (Coming Soon)

Avatar
Smart Push
Follow

Two-Factor Authentication (2FA) is an additional security layer that helps protect your SmartPush account. With password-only login, accounts are vulnerable to risks such as data leaks, phishing attacks, malware, or password guessing. By adding a second verification step, 2FA significantly reduces the risk of unauthorized access even if your password is compromised.

When 2FA is enabled, you must verify your identity using two different types of credentials when signing in:

  • Your account password
  • A one-time verification code (sent via email, SMS, or generated by an authentication app)

Follow this guide to enable 2FA and enhance the security of your SmartPush account.

 

In This Article

 

How 2FA Works with Existing Risk Control Verification

Both 2FA and SmartPush’s existing risk-based identity verification aim to enhance account security, but they work differently:

  • Risk-based identity verification
    This is triggered only when the system detects suspicious activity, and typically requires email verification at specific moments.
  • Two-Factor Authentication (2FA)
    This is voluntarily enabled by you at the account level. Once enabled:
    • Identity verification becomes mandatory at every login
    • Most sensitive operations no longer require additional pop-up OTP verification

In short, 2FA provides consistent, proactive protection, while risk-based verification is conditional and reactive.

 

Why We Recommend Enabling 2FA

Enabling 2FA helps you:

  • Prevent unauthorized logins, even if your password is exposed
  • Reduce interruptions during sensitive operations
  • Align with SmartPush’s data security and risk control standards
  • Better protect customer data and exported business information

 

Enabling 2FA in SmartPush

To enable 2FA for your SmartPush account:

  1. Go to Account Management > Login & Security.
  2. Click Enable Two-Factor Authentication.
  3. Verify your current account password (based on risk control rules).
  4. Verify your identity using your current email or phone.
  5. Choose one of the following 2FA methods:

     
  • Authentication App: Use apps such as Google Authenticator, Microsoft Authenticator, or Duo Mobile to generate time-based verification codes. This method works even without an internet connection.
  • SMS Verification: Receive a one-time code via your mobile phone.
  • Email Verification: Receive a one-time code via email.

Once setup is completed successfully, your account will display Two-Factor Authentication Enabled.

Managing Your 2FA Settings

You can manage your 2FA settings in SmartPush via: Account Management > Login & Security. From there, you can:

  • Enable 2FA
  • View your current 2FA status
  • Disable 2FA (verification required)

 

How Login Works After Enabling 2FA

After 2FA is enabled, logging in requires two steps:

  1. Enter your account email and password.
  2. Complete the second verification using your selected 2FA method.

If you do not receive a verification code, refer to the "Common Causes and Solutions for Not Receiving OTP Verification Codes" guide to view troubleshooting guidance. 

 

Using 2FA During Sensitive Operations

SmartPush applies additional protection to sensitive actions, such as:

  • Campaign data exports
  • Contact data exports

How verification works depends on your 2FA status:

If 2FA is not enabled

  • You will be prompted to verify your identity based on risk level
  • After verification, you may be guided to enable 2FA

If 2FA is enabled

  • For low-risk scenarios, extra OTP verification may be skipped
  • For high-risk scenarios, a second verification may still be required

 

Disabling Two-Factor Authentication

To disable 2FA:

  1. Go to Account Management > Login & Security.
  2. Click Disable Two-Factor Authentication.
  3. Verify your password.
  4. Complete verification using your current 2FA method.
  5. Confirm disabling 2FA.
Note: Disabling 2FA reduces your account’s security level. Please proceed with caution.

 

Important Notes & Limitations

  • You cannot currently change your 2FA email address or phone number by yourself. If you need to update them, please contact customer support for manual assistance.
  • If you lose access to your authentication app or device, contact customer support for recovery.
  • Verification codes are time-limited and may expire if not used promptly.


     
Have more questions? Submit a request

Comments