email verification masquerading as 2FA

Options
Peter Brackstone
Peter Brackstone Member Posts: 1
5 Up Votes

The email verification masquerading as 2FA is very inconvenient and relies on the customer to have access to their Pipedrive associated email account on the same device on which they are logging into Pipedrive. Competing applications are smarter and use Authenticator apps or push notifications. When will this be changed as it interrupts workflow and restricts access for those with valid credentials?

6
6 votes

· Last Updated -

Comments

  • Andre Vill - DominateSales.io
    Andre Vill - DominateSales.io Member Posts: 137
    First Anniversary Name Dropper First Comment 5 Likes
    edited April 2022 #2
    Options

    I 100% agree with this. I am using 2FA from my phone most of the time for other apps and our company employees don't have access to our email domain inbox, so if our Pipedrive asks for any verification, it's pretty much a waiting game until our CEO or Technical supervisor allows us access to Pipedrive again. So a connection to Authenticator App should be a MUST!

  • Norberts Ositis
    Norberts Ositis Member Posts: 1
    First Comment
    Options

    100% agree. Integration with Google Authenticator or similar app would be much more convenient. Also, remembering a device and verification of 2FA only from time to time (e.g. once a week/month) would be good as well.

  • Warren Bean
    Warren Bean Member Posts: 1
    First Comment Photogenic
    Options

    With the ever-increasing sophistication of phishing attacks using malicious links in emails this method of 2FA has become outdated. I use push notifications or authentication apps for most 2FA scenarios now.

  • RI
    RI Member Posts: 15
    First Comment
    Options

    A large % of the issue would be solved by allowing the link to be opened on a browser or device other than the one the user is trying to log in on. eg, logging in on computer but opening link from email on phone.

  • Kristian Kalm
    Kristian Kalm Pipedrive Team Posts: 3 PIPEDRIVE TEAM
    First Anniversary Name Dropper Combo Breaker First Comment
    Options


    Hello, we added workaround where you can use email link as OTP. If its opened in browser you can use copy button and when returned to Pipedrive app you will see button to continue the sign in.

  • Boston50
    Boston50 Member Posts: 1
    First Comment
    Options

    Please make 2FA a text or authenticator option on pc's, add biometrics to mobile. thank you -

  • Richard
    Richard Member Posts: 13
    Name Dropper First Comment First Anniversary Photogenic
    Options

    TOTP from a password manager / authenticator app is required please.

    I would be disappointed if the improvement is only a OTP text message sent to a mobile phone 😑 TOTP are so much quicker to log in with instead of waiting for a 3rd party service to send you something.

  • Egil Helland
    Egil Helland Member Posts: 1
    Name Dropper First Comment
    Options

    Agree with @Richard that proper TOTP is something that should be in place. Also, now that Passkeys are a thing, maybe Pipedrive should jump a bit ahead of the curve and offer that as login method, as it greatly simplifies everything related to password management?!