All new SaaS sub-accounts will now have to verify their email and phone number before the sub-account users can access their account.
TABLE OF CONTENTS
Protecting SaaS agencies from scammers who use VoIP numbers and disposable email IDs to create multiple sub-accounts.
How it works?
- We have put 2-Factor Authentication in place for sub-account admins when they login to their accounts for the first time.
- As soon as they log in, first we will send a verification code to their registered email address which they have to enter in order to proceed.
- After email verification, the sub-account admin is asked to enter an SMS enabled phone number which will then get a verification code that they have to enter to gain access to their account.
A phone number can NOT be used to create/verify another sub-account till 7 days after it has been used to verify a sub-account.
Bypassing 2-Factor Authentication
- There is no way for a sub-account admin to bypass the 2FA.
- Agency admins will have the option to manually verify a sub-account (without any code) from the sub-account's Manage Client page.
- 2FA is enabled by default for all SaaS agencies and sub-accounts, and can NOT be disabled.