Last modified: December 19, 2024
Securing your patient account with multi-factor authentication (MFA)
Overview
Keep sensitive information between you and your practitioner by adding multi-factor authentication (MFA) in a few quick steps! Get peace of mind knowing that your health and financial data is protected by an added layer of security on Fullscript.
When enabled, anyone attempting to access your account will need to enter your password and an authentication code to log in successfully. This added security measure is optional.
You can choose between one of two security methods:
- Authentication app (recommended): Download an authentication app, such as Google Authenticator, Microsoft Authenticator, LastPass Authenticator, Twilio Authy Authenticator, etc. to receive one-time login codes.
- SMS: We’ll send a text with an authentication code to the phone number associated with the account.
Note:
You can’t enable or disable multi-factor authentication (MFA) in the mobile app. To manage your MFA settings, log in to your account through a web browser on your desktop or mobile device.
Setting up multi-factor authentication from your Account settings
To set up multi-factor authentication:
- Click your avatar or initials from the navigation bar.
- Click My account.
- Under Password, find multi-factor authentication and click Set up.
- Then, choose the security method you want to use and follow the on-screen instructions.
Enabling multi-factor authentication: Authenticator app option
You can choose to enable multi-factor authentication and log in with one-time codes generated by an authenticator app, such as Google Authenticator, Microsoft Authenticator, LastPass Authenticator, or Twilio Authy Authenticator.
To enable multi-factor authentication using an authenticator app:
- After clicking Set up in your Account settings, select Use an authenticator app.
- Click Next.
- Download or open the authenticator app on your mobile device.
- Back in Fullscript, click Next.
- Using your mobile device, scan the QR code or manually enter the code in your authenticator app.
- Enter the one time code from the app in the One time code field.
- Click Next.
- Copy your backup code or take a screenshot of it and store it in a private folder on your device.
Reminder:
Store your backup code in a secure, accessible location in case you can’t receive a one-time code. If you lose your backup code and can’t get a one-time code, contact our customer support team for help recovering your account.
- Then, click Done.
Enabling multi-factor authentication: SMS option
You can choose to enable multi-factor authentication and log in with one-time codes sent to your phone via SMS.
Tip!
If you have previously unsubscribed from SMS messages or you are not receiving sms messages, please try texting “fs” or “subscribe” to +1 (343) 700-4381
To enable multi-factor authentication using SMS:
- After clicking Set up in your Account settings, select Use text message.
- Click Next.
- Enter your mobile number.
- Click Send code.
- Enter the code sent to your mobile device and select Next.
- Copy your backup code or take a screenshot of it and store it in a private folder on your device.
Reminder:
Store your backup code in a secure, accessible location in case you can’t receive a one-time code. If you lose your backup code and can’t get a one-time code, contact our customer support team for help recovering your account.
- Click Done.
Logging in with a code
Using a one-time code
When multi-factor authentication is enabled, we’ll ask you for a one-time code in addition to your password each time you sign in to confirm your identity.
To log in with your one-time code:
- Log into your Fullscript account with your email address and password.
- Enter the one-time code that was sent to your phone or generated from your authenticator app.
- Click Next.
Tip!
If you are unable to access your phone or authenticator app, click Use backup code to sign in.
Using a backup code
If you’ve lost access to your multi-factor authentication method, use a backup code to access your account. Backup codes are provided during set up, with prompts to copy and store them securely.
To sign in to your account with a backup code:
- Sign in with your email and password.
- When asked for your one-time code, click Use backup code to sign in.
- Type in the backup code you were given when you set up multi-factor authentication.
- Click Next.
- You’ll be given a new backup code, as the previous one is now expired. Copy and securely store that backup code.
- Click Next to complete the login process.
Logging in without a code
With multi-factor authentication enabled, you’ll need a one-time code or backup code to log in. If you can’t access either, contact our customer support team to recover your account.
Adding a trusted device
Once multi-factor authentication is set up, you can mark a device as trusted the next time you sign in. This lets you skip the extra authentication steps on future sign-ins.
To mark a device as trusted, click the Trust this device checkbox when you provide your one-time code. Then click Next to sign in and complete the set up process.
Note:
You may need to authenticate again if your device details change.
Multi-factor authentication on iOS and Android
You can’t enable or disable multi-factor authentication in the mobile app. To manage your MFA settings, log in through a web browser on your desktop or mobile device. If your device supports FaceID, you can use it to bypass MFA during sign-in.
