Enabling two-factor authentication
  • 28 Jul 2023
  • 3 Minutes to read
  • Dark
    Light
  • PDF

Enabling two-factor authentication

  • Dark
    Light
  • PDF

Article Summary

Airtable supports two-factor authentication (also known as 2FA or two-step authentication) for greater account security.

Two-factor authentication adds a second level of authentication to your Airtable account login. So, in addition to your email/username and password, you (or anyone trying to log into your account) will need to have some extra information or a physical device of yours. By choosing a second authentication factor, you can protect user logins from remote attacks that may exploit stolen credentials.

Note that you can only set up two-factor authentication with Airtable if you create an account using an Airtable password and email—if you log in with a Google account, you can't set up two-factor authentication this way (but you can set up two-factor authentication on your own Google account).


Enabling two-factor authentication for your Airtable account

To enable two-factor authentication on your Airtable account, go to your account page at https://airtable.com/account. You can also access your account page by clicking on your user icon in the top right corner of the screen, then clicking the "Account" option from the dropdown menu.

360005005733ScreenShot2018-05-09at82942PM1.png

Once on the account page, click on the option to Set up two-factor authentication (2FA) next to your profile picture.

360004968394ScreenShot2018-05-10at14643PM1.png

You'll need to sign in again for extra security. Next, you'll be asked to confirm whether or not you want to enable two-factor authentication—click the blue "Enable" button.

115014225487ScreenShot2017-06-05at11315PM1.png

Then you’ll need to set up an authenticator app that you can use to receive security codes without receiving a call or a text message or needing an internet connection. The page will generate a QR code to configure an authenticator app on your phone. We recommend you use an authenticator app that supports cloud backups of accounts stored within the authenticator app.

360083024454Screenshot2020-08-06at0831221.png

After configuring your authenticator app and entering a verification code, your account's two-step authentication is enabled, returning you to the 2FA configuration page. Make sure you save your backup codes securely to prevent losing access to your account.

208244508ScreenShot2016-06-14at110950AM1.png

Backup options

In case you lose your phone and do not have cloud backups enabled for your authenticator app, there are some backup options for you to recover your account.

Under the Backup options section of the 2FA page, there's a section that says, "Show single-use backup codes." Clicking this will reveal a list of 12-character backup codes. If you lose your phone or cannot receive or generate authentication codes, each can be used only once to access your account. Ensure you write these down or copy them into a safe place to access them without entering your account.

If you are afraid that your list of backup codes has been compromised, you can regenerate the backup codes by clicking the "regenerate" option here.

FAQs

 I have another account that uses a phone number to get my security codes, why isn’t that an option anymore?

We deprecated support of SMS security codes for new customers. Authenticator apps are a more secure way of supporting two-factor authentication. If your account currently has a phone number associated with it, you can continue receiving codes via SMS, but you will not be able to change or update that phone number. Users with workspaces on paid tiers can still use a phone number to receive their security codes. You can permanently disable two-factor authentication if you do not want to use an authenticator app.

Can two-factor authentication (2FA) be enforced for other users that have access to my base or workspace?

Two-factor authentication (2FA) can only be enforced for Enterprise FAQs using SSO.

Why am I receiving “Error submitting phone number; please try again.” or “Invalid phone number” when attempting to authenticate?

There are two potential reasons for receiving the above error messages:

  • If a phone number is entered incorrectly 3 times, users are required to wait 24 hours before trying again due to daily 2FA limitations.
  • Due to changes in restrictions, we cannot send SMS to numbers based in Singapore or Russia.

I set up two-factor authentication (2FA) but lost access to my second authentication method. What can I do?

If you can no longer access your second authentication method, click Problems getting an authentication code?

  • This link will allow you to view all of your options for authentication. If you saved the backup codes provided when you set up 2FA, you can enter one by selecting Use a backup code.
  • If you are still unable to access your account, please contact our support team.

Was this article helpful?