Securing your practitioner account with multi-factor authentication (MFA)

Overview

Protect sensitive information in your Fullscript account by adding multi-factor authentication (MFA) in a few quick steps! You can get peace of mind knowing that your financial, staff, and patient data is protected by an added layer of security. 

When you set up multi-factor authentication on Fullscript, you’ll be asked to choose one of two security methods:

• Authenticator app: (recommended) Download an authentication app, such as Google Authenticator, Microsoft Authenticator, LastPass Authenticator, or Twilio Authy Authenticator, to receive login codes. 
• SMS: We’ll send a text with an authentication code to the phone number associated with the account.

Enabling multi-factor authentication: Authenticator app option

You can enable multi-factor authentication and log in with one-time codes from an authenticator app, such as Google Authenticator, Microsoft Authenticator, LastPass Authenticator, or Twilio Authy Authenticator.

To enable multi-factor authentication using an authenticator app:

1. Under the Manage heading in the navigation bar, click Settings.
2. Click Account.

   

3. Select the Security tab.

   

4. Under the Login information, find Multi-factor authentication and click Set up.

   

5. Select Use an authenticator app, then Next.
6. Download or open the authenticator app on your mobile device.
7. Click Next on the web app.

   

8. Using your mobile device, scan the QR code or manually enter the code in your authenticator app.
9. Enter the one-time code from your authenticator app and click Next.

   

10. Copy your backup code or take a screenshot of it and store it in a private folder on your device.

8. Then, click Done.

   

Enabling multi-factor authentication: SMS option

You can enable multi-factor authentication and log in with one-time codes sent to your phone via SMS.

To enable multi-factor authentication using SMS:

1. Under the Manage heading in the navigation bar, click Settings.
2. Click Account.

   

3. Select the Security tab.

   

4. Under the Login information, find Multi-factor authentication and click Set up.

   

5. Select Use text message and click Next.
6. Enter your mobile number and select Send code to receive a one-time code.

   

7. Enter the code sent to your mobile device and select Next.

   

8. Copy your backup code or take a screenshot of it and store it in a private folder on your device.

Logging in with a code

Using a one-time code

When multi-factor authentication is enabled, we’ll ask you for a one-time code in addition to your password each time you sign in to confirm your identity.

To log in with your one-time code:

1. Log into your Fullscript account with your email address and password.
2. Enter the one-time code that was sent to your phone or generated from your authenticator app.
3. Click Next.
   

Using a backup code

If you’ve lost access to your multi-factor authentication method, use a backup code to access your account instead. Backup codes are provided during set up, with prompts to copy and store them securely.

If you’ve saved a backup code:

1. Sign in with your email and password.
2. When asked for your one-time code, click Use backup code to sign in.

   

3. Type in the backup code you were given when you set up multi-factor authentication.
4. Click Next.
5. You’ll be given a new backup code, as the previous one is now expired. Copy and securely store that backup code.

   

6. Click Next to complete the login process.

If you need a new backup code, you can generate a new one from the Security tab on your Account settings page. We highly recommend storing backup codes in a safe place in case you lose access to your MFA method.

To generate a new backup code for future use:

1. Next to Multi-factor authentication, click Manage.
2. Under the Backup code heading, click View.

   

3. Click Generate a new code to get a new backup code. You can then copy the code and save it securely for future use.

   

Logging in without a code

With multi-factor authentication enabled, you’ll need a one-time code or a backup code to log in. If you can’t access either, contact our customer support team to recover your account.

Adding a trusted device

Once multi-factor authentication is set up, you can mark a device as trusted the next time you sign in. This lets you skip the extra authentication steps on future sign-ins.

To mark a device as trusted, click the Trust this device checkbox when you provide your one-time code. Then click Next to sign in and complete the set up process.