Continuing our efforts to maintain best practices and security standards, we're happy to announce that two-factor authentication is now available for your Talkdesk account!
Two Factor Authentication (also known as 2FA) adds an extra layer of security to make sure that only permitted agents can access Talkdesk. You will still enter your username and password however, instead of immediately gaining access, you will be required to provide another piece of information. This second factor could come from one of the following categories:
- A physical USB Security Key.
- An access code generated by an Authenticator App on their mobile device.
This means that, even if someone stole your password, they still wouldn't be able to access the account without your mobile device or security key.
Enabling two-factor authentication isn't required to access Talkdesk, but we highly recommend it!
Admins can enforce 2FA on all agents. When 2FA is enforced, it's mandatory for all agents to enable two-step verification on their own account settings.
Note: By enabling this setting, upon save, any agent without a two-factor authentication (2FA) method will be logged out and will have to configure at least one 2FA method on their next login in order to use Talkdesk.
Enabling two-factor authentication
To enable two-factor authentication for your Talkdesk login, please follow these steps:
- In the top-right corner of your Talkdesk navigation bar click your initials or the down arrow .
- Select ‘Security Settings’ from the drop-down menu .
- Click the ‘Setup two-factor authentication’ button .
A list of backup codes is then displayed:
We strongly recommend that you download, print or copy the backup codes displayed into a safe location that you can easily access, in case you lose access to your authentication device.
Once you have done this, press the ‘Continue’ button and confirm that you’ve saved your backup codes, as you won't be able to access these codes again.
Choose one of the authentication methods. You can use the ‘Security Key’ configuration to enable Two Factor Authentication or an ‘Authenticator App’ instead:
Security keys can help protect your account by offering extra protection of two-step authentication without requiring you to use your phone.
A security key is a physical USB device you can use to authenticate into your account, and is considered one of the most secure and efficient ways to use 2FA.
When prompted to provide your 2FA credentials, instead of typing in a code, you simply insert your security key into a USB port on your computer. If your key has a disc or gold tip, tap it, or if it has a button, press it and physically tap it when prompted during login to automatically transfer the 2FA code.
Using a Security Key for two-factor authentication
To use this option, select the ‘Security Key’ option :
Have a computer with a USB port and the latest version of a compatible browser like Chrome.
Have a security key that plugs into a USB port and works with FIDO Universal 2nd Factor (U2F).
Once ready, press the ‘Next’ button :
- Insert your security key.
- If your key has a disc or gold tip, tap it.
- If your key has a button, press it.
- Follow the instructions on the screen to finish adding the key to your account.
Press the ‘Finish’ button  once done.
Signing in using your key
Once 2FA with Security Key is enabled for your account, the next time you log in to your Talkdesk account you’ll be asked to insert your email and password as usual in order to log in, however, in addition to this, you will also be required to insert your security token and tap its button, disc or gold tip (if it has one):
If you choose to receive your security codes through a mobile authenticator app, you’ll first need to download and install one on your phone. Any app that supports the Time-based One-Time Password (TOTP) protocol should work.
TOTP is the mechanism that Google Authenticator and other two-factor authentication apps use to generate short-lived authentication codes to verify your identity based on a shared secret. When logging into Talkdesk, your device generates a unique code based on the shared secret and the current time. Then you have to manually submit this code in order to compare and validate the login request.
To get started, select the ‘Authenticator App’ option :
If you don’t yet have a TOTP app installed on your phone, you can download Google Authenticator app from the App Store if using an iPhone, or from Google Play for Android phones.
Press ‘Next’  when ready and scan the QR code displayed using your phone camera to add it to your authenticator app.
Enter the verification code displayed on your mobile app  and press ‘Finish’ .
Signing in using your app
Once 2FA with Authenticator App is enabled, the next time you log in to your Talkdesk account, you’ll be asked to insert your email and password as usual in order to log in, however, in addition to this, you will also be required to enter a verification code generated by your mobile phone app.
Your smartphone authenticator app generates a new code every 30 seconds to use for this second part of the authentication process:
Note: If your verification codes generated by Google Authenticator aren’t working, it might be because the time on your Android device is incorrect. Follow this Time sync for Google Authenticator on Android instructions to fix it.
Also note that, in case you’ve set up both 2FA methods for your Talkdesk login (Security Key + Authenticator App), the Security Key method will be preferred, as it’s considered safer. You can click the ‘Try another way to login’ link and select the Authenticator App instead if preferred:
Lost security key or phone
If your security key or phone is lost, you can follow these steps to get back into your account using your backup codes.
- Type in your username and email:
- Press the ‘Login’ button .
- Click the ‘Try another way to login’ link :
- Select the ‘Recovery codes’ option :
- Type in or copy and paste one of the unused codes from the list of your saved codes file.
- Click ‘ Verify’ .
That’s it! You should now be logged in to your account.
After you’ve used a backup code to sign in, it will become inactive.
You can generate a new set of 15 codes whenever you want. After creating a new set, the old set will automatically become inactive.
If you have permanently lost a device, make sure to remove it from your list of two-factor authentication options by following the steps below.
Disabling Two-factor Authentication
If your admin has not enforced two-factor authentication for your account, you can disable two-factor authentication for your own login at any time. To do this follow these steps:
- Select ‘Security Settings’ from the drop-down menu on the top right.
- Click the ‘Setup two-factor authentication’ button:
Click the ‘Remove’ button next to the two-factor authentication option you want to disable.
You can also disable 2FA completely by selecting the ‘Disable’ button instead: