Learn More About Click to Buy's

Two-Factor Authentication (2FA)

What is Two-Factor Authentication (2FA)?

Your customers trust you with their credit card information, and we take that responsibility seriously. Two-factor authentication (2FA) is an extra layer of security that makes it difficult for somebody else to sign in as you—even if they somehow get hold of your password. Think of 2FA like having two locks on your front door. Your password is the first lock, and the 6-digit code from your phone is the second. Both are required to get in.

After you enter your password as usual, you’ll be asked to enter a 6-digit passcode. You can get the passcode from a text message (SMS) or a two-factor authentication app installed on your mobile device.

How It Works

Every time you log into your Click to Buy Admin, you’ll follow these simple steps:

  1. Enter your email and password (just like always)
  2. Get a 6-digit code from either:
    • A text message sent to your phone, OR
    • An authenticator app on your phone
  3. Enter the code to complete your login

The whole process takes about 20 seconds and ensures your customer data stays locked down tight.

Setting Up 2FA

If 2FA is not configured, you’ll see a pink “Security Update” banner on your location Dashboard. Click on the Visit your profile link OR hover over your email (upper right corner of the CtB Admin) and select Edit Profile.

Pink prompt in Click to Buy Admin showing that 2-factor authentication is not setup.Both of these links will take you to the Edit Profile page. Scroll down to see the Two-Factor Authentication Methods section to view the two authentication options: Authenticator App & SMS/Text Message.

Option 1: Authenticator App (Recommended)

Authenticator apps are more secure and work even when you don’t have cell service. You can also connect this to your password managers like 1Password & LastPass to auto-generate & authenticate for you (highly recommended).

View of CtB 2FA Authenticator App

Setup Steps:

If you don’t already have an authenticator app on your phone, visit the best app store to download one. Popular options include Google Authenticator, Authy, and Microsoft Authenticator.

  • On the Edit Profile page, select the Enable Authenticator App button (shown above)
  • Open your authenticator app and select Add Account or Scan QR Code
  • Step 1: Point your phone’s camera at the QR code on your screen OR Enter the Setup Key
  • Step 2: Enter the 6-digit code generated by your app. Click the “Enable Authenticator 2FA” button
  • Step 3: Copy or print your recovery codes in a safe place. Recovery codes can be used to access your account if you cannot receive two-factor authentication.

How it works going forward

  • Enter your email & password on the CtB Login Page
  • Open your authenticator app and enter the current 6-digit code.

Option 2: Text Message (SMS)

This is the simplest option—perfect if you want to keep things straightforward.

View of the CtB 2FA Authentication App Method interface

Setup Steps:

  • Select the “Enable SMS/Text Message” button
  • Step 1: Enter your mobile phone number (must be able to receive text messages). Click Continue.
  • Step 2: Check your phone for a text with a 6-digit code. Enter the code and click “Verify Code.
    • If you don’t receive it, click the “Resend code?” link

How it works going forward:

Each time you log in, we’ll text you a 6-digit code that’s valid for 60 seconds.

Frequently Asked Questions

Some of the most common questions related to Two-factor Authentication can be found here.

Yes.
Credit card data requires the highest level of protection. 2FA significantly reduces the risk of unauthorized access, helping protect both your business and your customers.

Yes. Unlike some systems that remember your device for 30 days, Click to Buy requires 2FA verification with every login to maximize security for your customer data.

Not really.
The extra 20-30 seconds for 2FA is a small price to pay for the peace of mind that comes with knowing your customer data is secure. Most users quickly adapt to the routine. To reduce the login time to 2-3 seconds, we highly recommend using the built-in authentication functionality of trusted password services like 1Password and LastPass.

Absolutely!
Most authenticator apps can handle multiple accounts. Just add Click to Buy as a new entry.

100% – we highly recommend setting both up.
Using both the authentication app and SMS method gives you multiple ways to login and give you an added layer of backup protection.

If you travel internationally, we recommend using the Authenticator Apps method over the SMS/Text Message method as some text messages may not be delivered or incur additional charges.

Yes, however, it is not recommended.
Access to sensitive data like CtB Orders & Purchases will be hidden if 2FA is not enabled.

Need Help?

If you run into any issues setting up or using 2FA, please contact your local CtB Admin or Location Manager to see if they can help troubleshoot & resolve the issue. If you are still unable to resolve the issue, please contact [email protected].