What is two-factor or two-step authentication?
Two-Factor Authentication Setup Instructions
Installing the Google Authenticator App
Google Authenticator Setup with a Barcode Scanner
Google Authenticator Setup with Secret Key
Completing the Two-Factor Setup
Using Two-Factor Backup Codes
Logging in to Clio Using Two-Factor
Two-factor authentication is a mechanism that requires users to provide two different means of identification when logging in. When you enable two-factor authentication in Clio, users will be required to log in with their Clio password and a random numeric code generated by the Google Authenticator application which is available for iPhone, Android, and BlackBerry. In Clio two-factor is set up on a per-user basis.
Why would I need this?
Although the internet is a trusted medium for hosting critical applications and information, passwords are often a weak link in the chain of security between a web application and a user. Clio’s two-factor authentication option allows subscribers to require that passwords be used in conjunction with a randomized code delivered to a mobile device. Once this code is entered after the initial login credentials, the user will be able to access their Clio account. This means enhanced security for all users, and ensures that a weak or compromised password can’t be used alone to gain access to sensitive data.
Note: two-factor settings are set up on a per user basis and managed by that user.
To enable two-factor authentication, go to your Clio Settings panel and click on "Security" in the System column.
On the Security settings page, click on the "Two-Factor Setup" sub-tab.
Check the box beside "Enable Google Two-Factor authentication".
This will open further instructions for downloading and setting up Google Authenticator.
Note: the following installation instructions refer to the Google Authenticator app for Android. For instructions on installing Google Authenticator on iOS and BlackBerry devices, or instructions for installing the app on multiple devices, see the "Install Google Authenticator" Support Article.
Go to the Google Play (or Apple) store and search for "Google Authenticator", then install the app.
Once installed, open the Google Authenticator app and tap "Begin setup".
On the "Add an account" screen, tap "Scan a barcode".
* If you do not have a barcode scanner installed on your device then you will be prompted to install the "Barcode Scanner" app by ZXing.
With your barcode app open, aim your camera at the barcode on the Clio Two-Factor Setup screen.
If your device is not able to scan the barcode, click on the "Can't scan the barcode" link for a Secret Key to use in Google Authenticator.
In Google Authenticator, tap "Enter provided key".
In the "Account name" field, give the authentication a name; for example: "Clio".
In the "Enter your key" field, type the Secret Key from the Clio Two-Factor Setup screen, then tap the "Add" button.
Whether you have added a Google Authenticator account using the barcode method or the manual method, Google Authenticator will provide you with a 6-digit numeric code that is generated every minute.
Enter the number that you see into the "6-digit verification code" field then click the "Update Two-Factor Settings" button.
To complete the two-factor setup process, you will then be prompted to sign in with your Clio password to reauthenticate.
In the event that you lose your mobile device, you can still access Clio by using one of the available backup codes. While you are in the process of enabling two-factor authentication, be sure to save your backup codes in a secure location.
Click the "Show and print backup codes" button to reveal a set of 8-digit backup codes.
When you first set up two-factor, 10 backup codes will be generated. Each code can only be used once and will be removed from the list when used. If your list of backup codes is ever lost, compromised, or depleted, you can generate a new set of backup codes by clicking the "Generate new codes" button.
- It is recommended that, if you rely on the backup codes regularly to log in, you opt to generate new codes no later than your 9th backup code use.
With two-factor authentication enabled, you will be prompted to enter the "2-step verification" code after signing in with your password. Open the Google Authenticator app on your mobile device and type in the 6-digit numeric code that is displayed.
Alternately, if you do not have access to your mobile device, click on the "or use backup verification code" link to enter in one of your 8-digit backup codes.
To disable two-factor, uncheck the box beside "Enable Google Two-Factor authentication". You will then be prompted to confirm the action.
Follow the instructions above to disable Two-Factor with the current device then setup Two-Fator again with the new phone.