Two-Factor Authentication

security Enabling Two-Factor Authentication can add a second layer of protection to your account. We highly recommend enabling this for additional security for your account that has access to PHI. This combines:

  • Something you know (password)
  • Something you have (phone)
Even with the right username & password, it won't be enough for them to gain access to your account & sensitive PHI.

Once enabled, when you sign in from a browser we don't recognize we send a single-use code to your phone. Enter it, and you're in!

In this Article:

For Owners or Managers:

For Staff:

For Clients:

For Everyone:

Require Two-Factor Authentication

Required Role: Owner or Manager

As an owner or manager, you can set the system to require 2 factor authentication for just staff, or staff + clients. If enabled, users will be required to configure text or voice call two-factor authentication on their next sign-in.

To manage this:

  • From any screen click (top right):



  • Then click Security (top tab)
  • Find the top section Security and Compliance Settings
  • Change Require Two-Factor Authentication to your desired setting (no, all practice staff, or all staff and clients)


For more information about this, check out our Practice Settings article.

Enable Two-Factor Authentication (staff)

As the staff member at a practice, to enable this:

  • From any screen click your name (top right):


  • From the popup, underneath your name and practice click
  • You'll then see your profile
  • Click Security (top tab)
  • Find the section Two-Factor Authentication
  • Click (top right of section):



  • Re-enter your password to confirm this action
  • Then follow the setup wizard:


  • Enter your phone number first
  • Confirm the two-factor method (bottom left):
    • phone_iphone text/sms (default)
    • mail phone/voice call
  • When done, click (bottom right):
  • Enter the 8 digit code that was delivered
  • Didn't get it? Click (bottom left)
  • When done, click (bottom right):


celebration Congratulations! You've successfully set up two-factor!

Once Enabled → On Unrecognized Devices

When you sign in from a computer we don't recognize, we will send a single-use code to your phone for you to enter during sign in.

The prompt will look similar to below:


  • Enter the new code, select the correct authorize option, and click (bottom right)
  • Didn't get the code? Click (bottom right)

stream_apps Remember your device

  • If you opt to remember your device, we will remember it for 1 year
  • After a year, you will be re-prompted for your two factor code.
  • If you are already signed in, and the 1 year mark hits, you may receive a few text messages spaced as quick as a few minutes apart, not to worry
  • Simply close the window and return to our sign in page here and re-authenticate.
Note:If you have any concerns over your account activity and wish to review, please check out our Login History article, or send support an email and we can review with you!

error Seeing this message on a browser and think you shouldn't be?

We store cookies on your browser to recognize you, but if you:
  • clear cookies
  • login on a different browser (even on the same computer)
  • use more strict privacy settings, including clearing cookies on browser close
  • or use private/incognito modes

You will likely see this message.

Managing or Disabling Two-Factor Authentication (staff)

You may need to manage or disable your or your staff's two-factor authentication for certain reasons. Or for example a provider can't sign in and they didn't bring their phone for the day.

Here's how:

  • From any screen click your name (top right):

  • From the popup, underneath your name and practice click
  • You'll then see your profile

Are you an Owner or Manager?

You'll also notice an additional ribbon near the top, allowing you to quickly switch between other staff member profiles. Click the dropdown shown here:


  • Click Security (top tab)
  • Find the section Two-Factor Authentication at the bottom:


  • Click (top right of section) to completely disable two-factor
    • Follow the prompts
    • This is not recommended unless you are encountering issues
  • If you wish to simply change the authentication type, including phone number and delivery options, click Change (far right) instead and follow the prompts

Enable Two-Factor Authentication (clients)

Once signed in, clients would go:

1. From the Home screen:

  • If not set up, find the top center section Account Set Up
  • To the right click the arrow →


2. From the Profile:

  • Click your name on the top right and select Your Profile
  • On the far right menu find the Two-Factor Authentication
    • On a smaller screen? Click the top right button
  • Click the toggle_off toggle to begin the process


  • Re-enter your password to confirm this action, then follow the setup wizard:


  • Enter your phone number first
  • Confirm the two-factor method (bottom left):
    • text/sms (default)
    • or phone/voice call
  • When done, click (bottom right):
  • Enter the 8 digit code that was delivered
  • Didn't get it? Click (bottom left)
  • When done, click (bottom right):


celebration Congratulations! You've successfully set up two-factor!

Managing or Disabling Two-Factor Authentication (clients)

With two-factor already set up for your client, you can manage that if there are any hangups (ex: client gets new phone number):

  • From any page, click your name (top right menu)
  • Then click
  • Find the right menu, beneath the username find Two-Factor Authentication
    • On a smaller screen? Click the top right button
  • Click the blue toggle toggle_off to disable two-factor:


  • Once you confirm the prompt, you'll see this signifying two-factor is disabled: