Keeping your information secure is always at the forefront of everything we do. That's why HealthKit now offers you the option to set up two-factor authentication for your HealthKit account and practice group.

What's two-factor authentication (2FA)?
Two-factor authentication, or 2FA, is an extra layer of security for your HealthKit designed to ensure that you're the only person who can access your account, even if someone knows your password.

Two-factor authentication is optional for HealthKit and it helps ensure the security of online accounts beyond just a username and password by using a second verification process, which includes: SMS, email or Google Authenticator.

Setting up two-factor authentication for your practice group

If you have a full access account, you can set up two-factor authentication for yourself, your group, and practitioners in your practice.

Follow the step-by-step:

1. Go to the Profile tab > Users;
2. Next to your practice name, click on the cog wheel symbol;

3. Select the Two-factor settings for your practice between Enabled - optional, Enabled - mandatory, or Disabled;
4. Select the Two-factor method preference for users on the dropdown menu: Optional, SMS, Email, or Google Authenticator.
5. Click Submit.


Understanding two-factor authentication options for your practice

As you can see, HealthKit offers two-factor settings options for your practice as well method preferences for users in your group. Keep reading to understand which option is works best for your practice:

Two-factor authentication settings

Enabled - optional: Two-factor authentication is enabled to users in your practice, but they can choose to skip it when signing in or set it up if needed.

Enabled - mandatory: Two-factor authentication is mandatory to users, so they will need to set it up when they sign in to HealthKit.

Disabled: No preferences have been set at a group level, so users can choose to set it up if they need it.

Two-factor authentication method preference for users

Optional: Users in your practice can choose their preferred authentication method.

SMS, Email or Google Authenticator:
Users will be able to use one of these options depending on your two-factor authentication settings.

If you have selected Enabled - optional, users can choose on of the three when signing in. If you have selected Enabled Mandatory, users will need to use the one option you've selected between SMS, email or Google Authenticator.


Learn how to set up two-factor authentication (2FA) for your account here