email verification masquerading as 2FA

Peter Brackstone
Peter Brackstone Member Posts: 1 VERIFIED MEMBER
5 Up Votes
edited July 2022 in Ideas and Product Feedback #1

The email verification masquerading as 2FA is very inconvenient and relies on the customer to have access to their Pipedrive associated email account on the same device on which they are logging into Pipedrive. Competing applications are smarter and use Authenticator apps or push notifications. When will this be changed as it interrupts workflow and restricts access for those with valid credentials?

Tagged:
6
Up
6 votes

· Last Updated -

Comments

  • Andre Vill - DominateSales.io
    Andre Vill - DominateSales.io Member Posts: 148 VERIFIED MEMBER
    Fourth Anniversary 100 Comments Name Dropper 5 Likes
    edited April 2022 #2

    I 100% agree with this. I am using 2FA from my phone most of the time for other apps and our company employees don't have access to our email domain inbox, so if our Pipedrive asks for any verification, it's pretty much a waiting game until our CEO or Technical supervisor allows us access to Pipedrive again. So a connection to Authenticator App should be a MUST!

  • Norberts Ositis
    Norberts Ositis Member Posts: 1 VERIFIED MEMBER
    First Comment
    #3

    100% agree. Integration with Google Authenticator or similar app would be much more convenient. Also, remembering a device and verification of 2FA only from time to time (e.g. once a week/month) would be good as well.

  • Warren Bean
    Warren Bean Member Posts: 1 VERIFIED MEMBER
    First Comment Photogenic
    #4

    With the ever-increasing sophistication of phishing attacks using malicious links in emails this method of 2FA has become outdated. I use push notifications or authentication apps for most 2FA scenarios now.

  • RI
    RI Member Posts: 15 VERIFIED MEMBER
    10 Comments
    #5

    A large % of the issue would be solved by allowing the link to be opened on a browser or device other than the one the user is trying to log in on. eg, logging in on computer but opening link from email on phone.

  • Kristian Kalm
    Kristian Kalm Pipedrive Team Posts: 3 PIPEDRIVE TEAM
    Third Anniversary Name Dropper Combo Breaker First Comment
    #6
    2faworkaround.jpg


    Hello, we added workaround where you can use email link as OTP. If its opened in browser you can use copy button and when returned to Pipedrive app you will see button to continue the sign in.

  • Boston50
    Boston50 Member Posts: 1 VERIFIED MEMBER
    First Comment
    #7

    Please make 2FA a text or authenticator option on pc's, add biometrics to mobile. thank you -

  • Richard
    Richard Member Posts: 15 VERIFIED MEMBER
    10 Comments 5 Likes Name Dropper First Anniversary
    #8

    TOTP from a password manager / authenticator app is required please.

    I would be disappointed if the improvement is only a OTP text message sent to a mobile phone 😑 TOTP are so much quicker to log in with instead of waiting for a 3rd party service to send you something.

  • Egil Helland
    Egil Helland Member Posts: 1 VERIFIED MEMBER
    Name Dropper First Comment
    #9

    Agree with @Richard that proper TOTP is something that should be in place. Also, now that Passkeys are a thing, maybe Pipedrive should jump a bit ahead of the curve and offer that as login method, as it greatly simplifies everything related to password management?!

Categories