Multi-factor Authentication

DayBack allows you to add two-factor authentication (2FA) to your sign-in routine. This offers more security than using usernames and passwords alone.

Multi-factor auth is not available inside Salesforce, since users don't log into DayBack there and their access is managed by Salesforce's permissions with their own 2FA options. It's available when using DayBack in FileMaker, in a browser at app.dayback.com, and when using DayBack connected to Salesforce over DayBack's Salesforce Connect.

Getting Started

Navigate to DayBack's admin settings, or your profile settings if you're not an admin.

In the calendar's left-hand sidebar, click the gear for "Settings," then click the "Administrator Settings" or "My Settings" button toward the bottom of the sidebar. Alternatively, click "Admin Settings" from the 3 dots (or green envelope) menu in the upper right of the calendar.

Next, click on your email address in the left-hand sidebar, and you'll arrive at the User Settings screen, where you'll see a button to configure Multi-factor Authentication.

When you click "Multi-factor Authentication," you'll be asked to sign in again.

Once you do, you'll be able to select your authentication method. Choose SMS to authenticate using a code sent to your phone, or choose Authenticator App to use a one-time password from an app like Google Authenticator or 1Password.

You'll then be asked to enter your mobile phone number. Enter that and click "Send Code" to receive an SMS to your phone. Once you enter that code back into DayBack, your multi-factor authentication will be all set up.

Managing or Disabling Multi-factor Authentication

You can turn multi-factor authentication off or change your phone number. Navigate to DayBack's settings, click Multi-factor Authentication, and log in as described at the beginning of this article.

Once you're in, you'll see your selected authentication method and a red trash can beside it. Click the trash can to turn multi-factor off.

You also received an email when you set up this additional authentication method, and that email contains a link to turn it off. The email came from [email protected] with the subject "You've added 2 step verification to your DayBack account."

To switch to a different phone number, click "SMS Text Message" and enter a new number. You'll be sent a confirmation code to the new number after clicking "Send Code." Enter that confirmation code and you're all set.

Requiring Multi-Factor Authentication for All Your Users

DayBack admins can require MFA for all their users by visiting the "Misc" section of Admin Settings and turning the requirement on. Existing users will be prompted to configure an MFA method when they next load DayBack (even if they have selected "remember me" when logging in).

Other Authentication Combos

If you set up users to access DayBack without logging in, either by using their access token in DayBack's URL or by setting up automatic login in FileMaker, DayBack will not prompt for multi-factor confirmation even if you have set the calendar to require it. Using one of these methods is explicitly bypassing authentication, and that includes bypassing any MFA components.

Related Articles