2-step authentication is a great way to add an additional layer of security onto your Greenhouse account. Each user in your system can enable it for themselves to ensure all of your hiring information stays extra protected. In this article we will cover how to activate 2-step authentication for your organization and how users can enable it for their respective accounts.


Activate 2-Step Authentication for Organization

Before users can enable 2-step authentication on their own accounts, a user with Site Admin permissions needs to activate the feature for the entire organization. To do this, click the Configure icon Screen_Shot_2018-05-24_at_5.31.51_PM.png in the upper right-hand corner. 


From the Configure page, navigate to Permissions Policies on the left-hand panel.

Under the All Users header, place a check in the check box next to Allow users to configure 2-Factor Authentication on their accounts.


Users in your organization can now activate the feature on their respective accounts.


Enable 2-Step Authentication for Individual Account

Once 2-step authentication is activated for your entire organization an individual user can enable the feature by clicking Hi, Name in the upper right-hand corner and selecting Account Settings from the dropdown menu. 



From the subsequent page, navigate to the Two-Step Authentication panel on the right-hand side and toggle the button to ON.


The user will be prompted to provide a personal phone number for the 2-step authentication. Once a phone number is entered, click Send code.

A verification code will be sent to that phone number. The user should retrieve that code and copy it into the provided field. When finished, click Verify and Save.


2-step authentication is now enabled for this individual user account. If necessary, users can change the phone number used for 2-step authentication from the same panel by clicking Change your phone number. Additionally, users can return to a 1-step login process by toggling the button to OFF.

Once enabled, 2-step authentication will be required every time a user logs in, regardless of whether they're logging in with a password, a Google account, or a single sign-on provider like OneLogin or Okta. After entering this first password, the user will be greeted with a secondary login screen where they can enter the verification code that Greenhouse sends to their phone.

Clicking Remember this computer for 30 days means the user won't be asked for the verification code again when logging in on that same device, but accessing Greenhouse on a different computer, phone, or tablet will still require the verification code again.



Keywords: 2-factor, 2-factor authentication