Chargebee's Two Factor Authentication feature allows you to secure your Chargebee site with both a password and an additional code (valid once). It ensures that only authenticated users can access the site, keeping your sensitive payment and sales information safe, and affording you greater peace of mind.
Two factor authentication is easy to set up and will keep your account safe from unwanted access, even if your password is compromised. To set it up, log into Chargebee and follow these steps
Navigate to your Profile page from the Navigation Bar in your site (Username > Edit Profile).
Click the Setup Now option in the Two Factor Authentication section.
You will be presented with a QR code to scan using the authenticator app on your mobile device.
Enter the 6-digit code that appears within your authenticator app and click Submit. This will connect your authenticator app with Chargebee.
Having successfully set up 2FA, you can use the 6-digit code generated by your authenticator app the next time you are logging into Chargebee.
You can disable the 2FA feature at any time by clicking the Disable option in the 2FA section on your Profile page. Once disabled, your account will be secured by your password alone. If you would like to enable 2FA once again, follow steps 1-5 again.
It might be that you don't have access to your mobile device/authenticator app. Chargebee's recovery codes will come in handy at times like these. Enter one of your recovery codes when you don't have access to your authenticator app and you'll be able to access your account.
You can download your recovery codes by navigating to your Profile from the Navigation Bar (Username > Edit Profile).
Each recovery code is valid once. You cannot use the same recovery code twice.
You can generate new recovery codes at your convenience. Click the Generate New Codes option on your Profile page (Username > Edit Profile) to generate a new set of codes to download.
Recovery codes are available for download as a .TXT file.
It might be difficult to employ two factor authentication every time you are logging in to Chargebee, so the 2FA feature comes with a Remember me on this device for 30 days option. Enabling this option after you have setup two factor authentication means you won't have to use your authenticator app for the next 30 days. Added security, no extra hassle.
If there are multiple people using your site, security might be a concern. To set up an authentication policy for all the users of your site, check out our users page .
If you lose your phone or otherwise don't have access to your mobile authenticator app, you can use Chargebee's recovery codes to log into your account. Remember to download your recovery codes after you finish setting 2FA up for you site. More on Recovery Codes here.
In case you don't have access to your mobile authenticator app and your recovery codes, contact firstname.lastname@example.org . Once we verify that an authorised user is trying to access the site (remember to send a mail out from your registered email id), we will disable 2FA in your site so that you can login with your password alone. You will have to set your 2FA up once again after you login.