Secure Your Account with Two-Factor Authentication in BoldDesk
Two-Factor Authentication (2FA) adds an extra layer of security to BoldDesk accounts by requiring a time-based one-time passcode (TOTP) in addition to a password. This feature helps protect sensitive ticket data and prevent unauthorized access.
Overview
-
Supported for:
- Agents: Enable individually or enforce organization-wide via Agent Portal settings.
- Contacts (Customers): Enable individually or enforce globally via Agent Portal settings.
-
Applies to: BoldDesk form logins only. Social or custom SSO logins bypass 2FA.
Prerequisites
- User must sign in using BoldDesk form login.
- A TOTP authenticator app (e.g., Google Authenticator, Microsoft Authenticator) installed on the user’s mobile device.
Please watch this video tutorial for further information.
2FA for Agents
Agents manage sensitive tickets and administrative settings. Enabling 2FA ensures secure access to the BoldDesk Agent Portal.
Enabling 2FA for Individual Agents
-
Log in to your BoldDesk account.
-
Navigate to your Personal Settings.
-
Click the Security tab.
-
Click Enable.
Once enabled, you will be required to provide a second form of identification, such as a code generated by an authenticator app like Google Authenticator or Microsoft Authenticator, each time you log in.
Enforcing 2FA for All Agents (Admin Only)
As an admin, you can enforce 2FA for all agents to ensure the security of all accounts. Here’s how:
- Log in to your BoldDesk account as an admin.
- Navigate to Admin Settings.
- Click the Agent Portal option.
- Go to the Login tab.
- Select the Enforce two-factor authentication (2FA) for all agents option.
Once this setting is enabled, all agents will be required to set up and use 2FA each time they log in.
Disabling 2FA for Specific Agent
An option to disable 2FA for a specific agent is now available. Once disabled, the agent’s configured 2FA device will be removed.
- 2FA feature is only supported for BoldDesk form logins. It is not applicable for social or custom SSO logins.
- Two-Factor Authentication (2FA) for customers is enabled by default. However, to activate this feature, a customer must enable it within their profile settings.
2FA for Contacts (Customers)
Contacts use the BoldDesk Customer Portal to view and manage tickets, which may include personal or regulated information. Enabling 2FA for contacts strengthens account security and helps prevent unauthorized access to sensitive data.
How to enable 2FA in Customer Portal
-
Sign in to the BoldDesk Customer Portal.
-
Navigate to My Profile → Security.
-
Click Enable under Two-Factor Authentication.
-
Scan the QR code with your authenticator app.
-
Enter the 6-digit verification code and click Verify.
-
Save recovery codes securely.
Admin Assistance for Contacts
Admins now have two options for managing contact 2FA:
1. Enforce 2FA for All Contacts
To require every contact to set up 2FA:
- Navigate to Admin → Customer Portal Settings → Security tab.
- Under Two-Factor Authentication (2FA), enable the option:
- “Enforce two-factor authentication (2FA) for all users.”
- Save the changes.
2. Assist Individual Contacts
-
Resend recovery codes to help the contact regain access.
- When 2FA is enforced for all contacts, BoldDesk does not allow disabling 2FA for an individual contact if they lose access to their authenticator app.
Instead, administrators can resend recovery codes to help the contact regain access and reconfigure 2FA. - If a customer has lost their 2FA authentication, you may resend the recovery code to them. After logging into the portal with this code, the customer can re-activate 2FA within their profile.
Frequently Asked Questions (FAQs)
Q: Can agents choose their own 2FA method?
A: Yes, they can use any compatible authenticator app.
Q: Is 2FA mandatory for all agents?
A: Only if enforced by an admin.
Q: Can contacts use 2FA?
A: Yes, but they must enable it manually in their profile.
Q: What happens if a user loses access to their 2FA device?
A: Admins can send a recovery code to help them regain access.
