Password and account security are important to protect your and your customers' data from misuse. With our custom password requirement options, two-factor authentication, IP restriction and emergency options, you can achieve optimal protection.

Password Policies

Two-Factor Authentication

IP Restrictions

Emergency Options


Password Policies

To define password rules, go to the Admin Settings Security in the settings and there to the editing. To do this, you must enter your password again before you can change them. You can adjust the following settings individually:

  • Complexity: Should a password contain special characters/case sensitivity?

  • Length: What is the minimum number of characters a password must have?

  • Validity period: How long should a password be valid before it has to be changed?

  • Password history: How many past passwords should facelift store? These saved passwords are not available for creating a new password.

  • Invalid login attempts: How many times may the password be entered incorrectly before the user is locked out?

The user will receive both an email notification and a visual cue on the login screen should they have been locked out due to too many invalid login attempts. In this case, the designated admin closest to the user in the team structure will be notified.

Two-factor authentication

Logging into facelift simply consists of two steps with two-factor authentication to protect your data in the event of a cracked password:

  1. You enter your facelift password.

  2. You enter a short security code from any two-factor authentication app from the Play Store or App Store

After the first login with two-factor authentication, you can save your data. The next time you log in with the same browser and at the same location, you do not need to enter the security code again. If you (or an attacker) use a different browser or a different geo-location, the security code must be entered again. This keeps your login convenient and yet secure.

๐Ÿ‘‰ Setting up two-factor authentication as a user

Two-factor authentication (2FA) can be set up either by a Company Admin or voluntarily by anyone for themselves. The procedure is the same. You can find the setting in your user account.

  1. First download an app for two-factor authentication to your smartphone, such as Microsoft Authenticator or Google Authenticator.

  2. Open the two-factor app on your smartphone. The app needs access to your camera to run smoothly.

  3. Scan the QR code that is displayed in the menu for the two-factor authentication of your facelift.

Here you can also cancel the voluntary 2FA at any time. However, if your Company Admin has made the 2FA mandatory, you cannot make any changes.

๐Ÿ‘‰ Setting up two-factor authentication as a Company Admin

Company Admins can determine in the Admin Settings Security whether facelift users must use two-factor authentication to log in to facelift. By default, two-factor authentication is voluntary for all users.

If you select Mandatory for all users, all users must create two-factor authentication the next time they log in. Before that, they will no longer be able to log in to facelift.

๐Ÿ’ก We recommend that you announce a mandatory two-factor authentication with some prior notice so that your team members are not surprised by the change.

๐Ÿ‘‰ Resetting two-factor authentication

If you have lost your mobile phone or are otherwise unable to obtain your login code, your Company or Team Admin can reset the two-factor authentication for you in the user overview.

If you are the only admin for your company and are unable to log in, please contact our support team.

IP address restrictions

As an admin, you can restrict your teams' access to facelift via IP addresses in the Admin Settings Security. For example, if you only want to allow access to facelift from the work network, you can define specific IP addresses or IP ranges. If users subsequently attempt to log into facelift from outside the defined addresses, they will be denied access.

You can also configure that access through the facelift Mobile App and Social Share App should also be possible outside the IP restrictions.

Emergency options

In case of an emergency, you as an admin have the option to immediately reset all passwords in the Admin Settings Security or to immediately freeze all user accounts. All users will immediately receive an email notification about the process.

If you reset all passwords, all users of your facelift must set a new password the next time they log in. Users who are already logged in will not be logged out immediately, but will not be able to log in again.

If you as an admin block the user accounts, only Company Admins can log into facelift. Users who are already logged in will not be logged out immediately. Only a Company Admin can unblock a user account. Don't worry, unblocking can be found in the same place and only takes two clicks.

๐Ÿ’ก Posts that have already been scheduled will be published despite the blocking. The account lock has no influence on scheduled posts, access tokens, etc.

Did this answer your question?