Skip to main content
All CollectionsAdministration & CollaborationPermissions, Security and Data Protection
Password and Account Security
Password and Account Security

Secure your account and restrict access with two-factor authentication and IP addresses

Mareike Kittner avatar
Written by Mareike Kittner
Updated over 7 months ago

Password and account security are important to protect your and your customers' data from misuse. You can achieve optimal protection with our custom password requirement options, two-factor authentication, IP restriction, and emergency options.

πŸ‘‘ Some of these customisable security options are only included in certain Facelift plans. Find out about plans and prices β†’ here.

Password Policies

Two-Factor Authentication

IP Restrictions

Emergency Options

πŸ’‘ While at least one browser tab is open, the login session is kept open, and no automatic logout is carried out. If no active tabs are left, a login session will automatically be closed after 30 minutes of inactivity.

Password Policies

To define password rules, in the settings go to Security > Password Policies β†’. You must enter your password again before you can make any changes. You can adjust the following settings individually:

  • Complexity: Should a password contain special characters/case sensitivity?

  • Length: What is the minimum number of characters a password must have?

  • Expire Days: How long should a password be valid before it has to be changed?

  • Password History: How many past passwords should Facelift store? These saved passwords are not available for creating a new password.

  • Invalid Login Attempts: How often may the password be entered incorrectly before the user is locked out?

The user will receive an email notification and a visual cue on the login screen should they have been locked out due to too many invalid login attempts. In this case, the designated admin closest to the user in the team structure will be notified.

Two-factor authentication

Two-factor authentication (2FA) enhances security by requiring two forms of identification before granting access

  1. Entering your Facelift password

  2. Entering a short security code from any two-factor authentication app from the Play Store or App Store

After initially logging in with two-factor authentication, you can opt to save your data. Subsequent logins from the same browser and location won't require re-entering the security code. However, if you or an attacker attempt to log in from a different browser or location, the security code will be necessary again, ensuring both convenience and security for your login process.

Setting up two-factor authentication as a user

Two-factor authentication (2FA) can be set up either by a Company Admin or voluntarily by anyone for themselves. The procedure is the same. You can find the setting in your user account.

  1. First, download an app for two-factor authentication to your smartphone, such as Microsoft Authenticator or Google Authenticator.

  2. Open the two-factor app on your smartphone. The app needs access to your camera to run smoothly.

  3. Scan the QR code that is displayed in the menu for the two-factor authentication of Facelift.

Here you can also cancel the voluntary 2FA at any time. However, if your Company Admin has made the 2FA mandatory, you cannot make any changes.

Setting up two-factor authentication as a Company Admin

In the settings under Security > Two-Factor Authentication β†’, Company Admins can determine whether Facelift users must use two-factor authentication to log in to Facelift. By default, two-factor authentication is voluntary for all users.

If you select Mandatory, all users must create two-factor authentication the next time they log in. Otherwise, they will no longer be able to log in to Facelift.

πŸ’‘ We recommend that you announce a mandatory two-factor authentication with some prior notice so that your team members are not surprised by the change.

Resetting two-factor authentication

If you have lost your mobile phone or are otherwise unable to obtain your login code, your Company or Team Admin can reset the two-factor authentication for you in the user overview.

If you are the only admin for your company and cannot log in, please contact our support team.

IP address restrictions

As an admin, you can restrict your teams' access to Facelift via IP addresses under Security > IP Restrictions β†’. For instance, if you wish to restrict access to Facelift solely to the work network, you can specify particular IP addresses or ranges. Attempts to log in from locations outside these defined parameters will be rejected.
​
Additionally, you have the option to allow access via the Facelift Mobile App and Amplify (formerly Social Share) App even when outside the IP restrictions.
​

Emergency options

Under Security > Emergency Options β†’ in the settings, you can reset passwords or instantly freeze all user accounts, with immediate notification to all users.
​
If you reset passwords, users must create new ones upon their next login, although currently logged-in users remain unaffected until their next attempt to log in.
​
Blocking user accounts allows only Company Admins to access Facelift. Logged-in users will not be logged out immediately. Only a Company Admin can unblock a user account, a simple process requiring just two clicks.

πŸ’‘ Posts that have already been scheduled will be published despite the blocking. The account lock does not influence scheduled posts, access tokens, etc.

Related Articles
The Activity Log
Permission Sets
Access Token
Instagram
Connecting to Facebook Insights
Did this answer your question?