You can protect your data in Bitrix24 account using two-step authentication. In this case, logging in to Bitrix24 will consist of two stages: first you need to enter your login and password, and then - a unique one-time code generated by a special application. The code is limited in time and is used only once.
How an administrator can enable two-step authentication for all employees
The administrator should configure two-step authentication first for his/her account and then for all account users. Go to your personal profile. Click the Security button - Enable.
Go to the account Settings.
Enable the Mandatory for all employees option in the Security tab - Two-factor authentication. Set the time during which users have to enable two-factor authentication.
To ensure that employees are notified when someone tries to log in to their accounts, enable the Send authentication code to Notifications option. Save the settings.
How an employee can enable two-step authentication
Employees can enable two-step authentication to protect their accounts. Go to the personal profile and click the Security button - Enable.
Make sure the time on your mobile phone and computer are the same. You should use one-time time codes.
Download the Bitrix24 OTP mobile app from App Store or Google Play. You can use any application for two-step authentication with a Time-based One-Time Password Algorithm.
Launch the application. Scan QR code from monitor or configure the data manually.
Enter the verification code and click Done.
Now you will need to enter your login, password and one-time code every time you log in to Bitrix24.
Why do you need recovery codes
You may need the recovery codes if you are unable to use the one-time code generation application on your smartphone. For example, if your phone is ran out of battery or lost. After you turn on two-step authentication, go to your personal profile. Click Security - Recovery Codes.
Save the codes in a text file or print them out. Each code can only be used once.
If you changed the mobile phone, you have to download and configure the app again. Go to the profile page, click Security - My mobile device has changed.