User Security
Optional enhanced user login security includes Trusted Devices and Two Factor Authentication. Both can be enabled by any user in the emfluence Marketing Platform. To set up trusted devices, engage with the prompt after your login attempt to save your current device, browser, computer, and IP location as trusted (see more on this below). A change in any one of these (computer, IP, browser, etc.) would require a separate login. You will be able to view all trusted devices within the Security section on the user record.
To set up or edit security settings*, go to your user record which can be accomplished by clicking on the icon 
at the top-left of the page next to your username (the same method you would use to change other information on your user record). In the pop-up click on Edit User. All information on your user record can be edited here. If you are not a client admin, only the User Details tab will be editable.
Scroll to the bottom of the user record to find the Security section. To unlock this section, you will need to type or paste your password. NOTE: Only the user can unlock their own security section, no one else can edit this section for them.
*Reseller Users must edit their security section in the reseller gateway rather than a connected user in one of their accounts. The same steps apply. In the reseller gateway, click on the icon next to your reseller username and click the edit user to get to the reseller record. Click Edit to edit the record. In the same confirmation box, retype your password to unlock the security section.
Once unlocked, you will find any saved Trusted Devices and find the permission to enable Two Factor Authentication. Client users, not reseller users, will also be able to create and manage API tokens here as well.
Once enabled, any time you log in from an entrusted device, or if your last two-factor authentication was more than 30 days ago from a trusted device, you will be prompted to reauthenticate.
Trusted Devices
When logging in from an unknown device/location, a user will be prompted to decide if they want to save as a trusted device. A user is not required to save their device when requested. However, if you do not save your device you will continue to receive that prompt on future logins and your user's email will receive an email that a login has occurred on an untrusted device. If you get one of these emails not related to your login, we suggest you change your password as soon as possible.
After typing in your login and password you will be prompted to decide if your wish to save your device or not. Leaving the selection at No and clicking continue will not save the device. Toggling to Yes and clicking continue will prompt you to name your device. A trusted device is a combination of the user's IP address, Browser, and Operating System. If you choose to save a trusted device we suggest giving it a friendly name (Home Computer Chrome etc.). If you work with a VPN, you can see a change in device with the VPN on rather than off. If your IP changes (which could happen if your location uses a dynamic IP address) you could find yourself logged off when your IP changes. You will be given the option to save this new location as a trusted device.
Your trusted devices will show up on your user record in the Security section. You are not limited to a single trusted device. You do not have to save a trusted device prior to enabling Two Factor Authentication, but having a trusted device will prompt the two factor step less often.
Two Factor Authentication
Two Factor Authentication provides an additional optional level of security. When enabled, a user will need to prove their identity by inputting a code they will receive to confirm their login. While you do not need to save trusted devices in order to enable two factor authentication, it is suggested.
You will find the option for enabling two factor authentication on your user's record in the Security section. To enable, click the Enable Two Factor Authentication Button and follow the guided steps.
.png?Policy=eyJTdGF0ZW1lbnQiOlt7IlJlc291cmNlIjoiaHR0cHM6Ly9kemY4dnF2MjRlcWhnLmNsb3VkZnJvbnQubmV0L3VzZXJmaWxlcy84ODgvMzg3OTkvY2tmaW5kZXIvaW1hZ2VzL3F1LzIwMjUvdHdvLWZhY3Rvci10cnVzdGVkLWRldmljZXMoMSkucG5nIiwiQ29uZGl0aW9uIjp7IkRhdGVMZXNzVGhhbiI6eyJBV1M6RXBvY2hUaW1lIjoxNzUzNTc0MTEyfX19XX0_&Signature=JbKgH2Me3gkfKPsOt9EdGGCHNYJojaY3lxruoHwUXKfgxQ48ZqHis5jKb0dp~K6qLDz-nNJ73HE6ZJf~aTTWX7r-e3jiifvPFFB4E8wFZinmXkjkxf4sMIdKHF3m9Ar15Q5NKqcOfg0osC1a6t4rHYxfZo-zfzVBPxCsP7-U1~dJ2CWIYk3dFl5f~s0lz9atDK0XNPXiCIyXeDNI9~r7xNo2lDd93AJzBtY9wa5axYpu5mKzSRzx8Xc0sv-pJKIXILEQcHphK~MzDp57~DaQhMNU5AimmsYroyEwJX-Ku6ifGUsAqTBVwOeCOeOrW2n5dBu4tERifQRXhSUB9wgJCQ__&Key-Pair-Id=K2TK3EG287XSFC)
A code will be sent to your user's email. Type or paste that code in the pop-up and click Submit. The confirmation code is temporary, if you wait too long to input it into the form it can expire. If that happens, click the button to Send new confirmation code.
Once activated, you will regularly be prompted to provide a new generated code when logging in. These will be sent to the email saved on your user record. In order to complete the login process, check your email to find the new code. The use of trusted devices in combination with two factor authentication will lengthen the amount of time between needing to provide a code to confirm your identity as if you are logging in on a previously saved trusted device you may not be forced to type the code on every login attempt. Any time you log into the platform from somewhere other than a trusted device, and have two-factor enabled, you will be prompted to input the code sent to you. Also, when your last two-factor authentication came more than 30 days, even if you are on a trusted device, you will prompted for the code. If you do not save trusted devices, you will be prompted every single time you log in.
You can disable two factor authentication any time on your user record by returning to the Security section of your user and clicking the button to Disable Two Factor Authentication. NOTE: Changing your user's email address will also automatically disable two factor authentication.