Knowledge Base

Topics
Where to find it
Authenticator app

2FA: two-factor authentication

JT
Jenny Takahara, August 23, 2024
Note: Due to differing protocols, Pipedrive’s two-factor authentication can’t work alongside the “Log in with Google” function or the single-sign-on feature of the Advanced, Professional, Power and Enterprise plans. We suggest your company choose the option that best fits its security needs.

Your Pipedrive account contains valuable business information, customer data and possibly access to other integrated tools. It’s your business's lifeline, so you should always protect it.

A strong password can help to keep your account and data safe, but it’s vulnerable to data breaches, guessing, and phishing.

Two-factor authentication, or 2FA, adds another layer of security to your personal information and we strongly suggest enabling it for your Pipedrive user account


Where to find it

To access two-factor authentication, go to Personal preferences > Password and login > Two-factor authentication (2FA) and enable either the authenticator app or verification link options for your user account in Pipedrive.

Note: The two-factor authentication verification link can be opened through the mobile app, however, it must be set up in the web app. Once two-factor authentication is set up on the account, a verification email will be sent when you log in via the mobile app, just as it does when logging in through the web app.

Authenticator app

Implementing two-factor authentication (2FA) with an authenticator app significantly enhances account security by requiring a second form of verification beyond the traditional username and password. This reduces the risk of unauthorized access, as attackers would need both the password and the physical device to generate the authentication code.

Benefits of 2FA with an Authenticator App

  • Enhanced Security: Authenticator apps generate time-sensitive codes, making it difficult for attackers to gain access even if they have the user’s password
  • Protection Against Phishing: Since the code is generated on a separate device, phishing attempts to steal passwords are less effective
  • Reduced Account Compromise: Data breaches involving password theft are mitigated as the second factor is required for access
  • User Control: Users have more control over their account security with an additional layer of protection

To enable this option, click on “Connect authenticator app”.

Once you click on it, for security purposes, you may be asked to re-enter your password.

Then, you’ll need to connect your Pipedrive account to the authenticator app of your preference. There are two ways to do it:

  • Scan the QR code with your authenticator app
  • Enter a 6-digit code from your authenticator app

After successfully connecting your authenticator app, you’ll see a screen with backup codes.

These codes can be used to access your account if you lose access to your authenticator app.

Note: We recommend saving these codes in a secure location by either downloading them as a TXT file or copying them to your clipboard. They should be stored in a password manager, printed on a piece of paper or similar. Misplaced or exposed codes can compromise account security.

Once the 2FA with the authenticator app is successfully set up, you’ll receive an email confirming the changes.

Note: If you didn’t set up the authenticator app and suspect your account might be compromised, contact our support team immediately.

Verification link

We always recommend using the authenticator app as the second layer of protection for your account. If, for any reason, you can’t use one, there’s a simpler but less secure 2FA option available as well: a verification link via email.

Be mindful that since your password can also be reset via the same email, an attacker only has to compromise your email inbox to take over your account.

When enabled, logging in to Pipedrive will prompt an email to be sent to the email address you use to log in to Pipedrive with a verification link that will allow you access to your Pipedrive account.

You need to open the verification link from a native email app, such as Gmail, Microsoft Outlook, ProtonMail, etc. That same email will provide you with information about where that verifiable login occurred in the world.

Note: If you find that the information presented on that email does not match your login attempt, we suggest changing your login credentials, as someone may be attempting to gain access to your account.
Was this article helpful?

Yes

No

Related articles

Got any questions?

Contact us