Understanding 2-Factor Authentication (2FA)
2-Factor Authentication (2FA) is strongly recommended for all Notehouse accounts and may be required for organizations operating in compliance-driven environments, including those subject to HIPAA.
2FA is a key security best practice and is commonly required in environments handling sensitive or regulated data as it helps protect your account even if your password is compromised.
Table of Contents
How Does 2-Factor Authentication Protect My Account?
2FA requires a second verification step when you log in, in addition to your password. This ensures that access is granted only if you have both your login credentials and a trusted device.
Notehouse supports two 2FA methods:
- Authenticator apps (such as Authy, Google Authenticator, Microsoft Authenticator, and similar apps)
- SMS verification, which sends a one-time code by text message
Who Can Enable 2FA?
2FA can be enabled in two ways:
- Organization administrators may require 2FA for all users in the organization
- Individual users may enable or disable 2FA for their own account, unless 2FA is enforced at the organization level
When 2FA is required by an organization, users must enroll before they can access Notehouse.
Important: Backup 2FA Methods
You are responsible for maintaining access to your 2FA methods.
If you lose access to your primary 2FA device and do not have a backup method enrolled, account recovery may not be possible. We strongly recommend enrolling more than one 2FA method whenever available to avoid lockouts.
If you have questions, please contact us at support@getnotehouse.com.