Locking The Front Door: Understanding 2FA For Member Jungle Admins

 

Two-factor authentication (2FA) is a non-negotiable aspect of modern cybersecurity, particularly for platforms like Member Jungle that handle sensitive membership data. By enforcing this critical layer of admin security, Member Jungle ensures robust data protection for your club or association. This essential security measure, a key part of online security best practices, significantly reduces the risk of a data breach, safeguarding your members' information even if an admin password is compromised.

As someone who reads a hell of a lot of books, I often get quotes stuck in my head, and one quote that has been stuck in my head for more than a decade is “There is no such thing as paranoia. Your worst fears can come true at any moment.” - Hunter S. Thompson. 

It's a quote that has influenced me a lot. We often assume bad things won’t happen to us, that crime is an abstract concept that only happens to other people. I can assure you from personal experience that it's a very real and present danger we must all be ready for.

This brings me to the topic I want to talk about today: two-factor authentication (2FA). It's an increasingly common security measure that we all need to be doing. It won't have escaped your notice that more and more online platforms are enforcing two-factor authentication these days, and for good reason. Member Jungle is no different; we recently enforced 2FA for all administrators with access to membership data. I understand this can be a pain, but it's well worth it. Unlocking the deadbolt on my front door is annoying and takes up precious time of my only life on this rock, but being burgled is not something I plan to do a second time.

So today, with all that cheery doom and gloom in mind, let’s talk about two-factor authentication: why Member Jungle enforces it, why it is so crucial, and how you can customise it to be as convenient as possible for you.

What Is Two-Factor Authentication?

I'm sure most people are familiar with two-factor authentication by now, but let's quickly go over it again to ensure we're all on the same page. Two-factor authentication is an added layer of security that makes it much harder for bad actors to gain access to your accounts.

When you log in to a website, your password is the first factor of authentication. Two-factor authentication provides you with a second piece of proof to help confirm that you are truly who you say you are. This second factor is typically a one-time password (OTP) that is sent to you by email, text, or an authenticator app, which you then enter to be granted access to the system.

Ultimately, this means that even if someone has your password, they cannot log in without that second factor. So, if a password is compromised, it doesn't automatically mean all of your member data is compromised, too.

For more information about two-factor authentication, read What is Two Factor Authentication & Why Is It Important in Membership Management.

Why 2FA Is Non-Negotiable

We at Member Jungle put a lot of effort into making the system as secure as possible. It contains sensitive personal data about your members, so it's critically important that it stays secure.

Think of your organisation’s Member Jungle system as a house. We build the house, we ensure that the back door is locked up with more layers of security than those plastic prisons they keep locking Magneto in. 

 

 

We ensure the walls are strong and the windows are locked tight with extremely tough glass. We then hand the keys to the front door over to you.

Global statistics show that if there is going to be a security breach, it will come in through the front door. Using two-factor authentication is the equivalent of having an electronic security system with a keypad. It means that even if someone gets the keys to your house, they still need to punch in that alphanumeric code to get inside.

Doing this makes your data and your members' information much safer, as there is a critical fail-safe built into the system in case a password is compromised.

For these reasons, we at Member Jungle have made two-factor authentication mandatory for any administrators who have access to member data. It may be an inconvenience at times, but it is absolutely necessary. There is not a single club or association that doesn't need this extra level of security to ensure their members' data is safe.

Your 2FA Options In Member Jungle 

So, two-factor authentication is just a part of our modern life now; however, we have tried to make it as convenient as possible for you by giving you three different ways to receive your one-time code. These ways are: 

• Via an email to your nominated email account 
• A push notification to the Member Jungle app on your phone
• Via an SMS sent to your phone

Please keep in mind that receiving your one-time password (OTP) via SMS does cost SMS credits in the Member Jungle system. If you don’t want to pay for more of these SMS credits, then all you need to do is log in to the system:  

1. Navigate to Dashboard 
2. Select “Security" from your MySite area
3. This will bring up the page where you can decide how to receive your one-time password. So if you don’t want to use SMS credits, you can change it here.  

 

 

Using two-factor authentication via the Member Jungle app is completely free and faster than both email and SMS, making it well worth setting up. 

For a more detailed breakdown on how to customise all the settings around two-factor authentication, please read Enabling 2 Factor Authentication (2FA) for Members and Administrators.

Remember This Device Option 

When you log in to the system, after you enter your normal password but before you enter your one-time password, you have the option to click "Remember Me" or "Trust This Device."

 

Selecting this option means you won’t be asked for a one-time password for up to seven days. However, there are a few things to take into account:

• This only works on the same device, using the same login, and on the same internet connection.
• If you select this option on your phone, you will still need to use 2FA on your computer.
• Likewise, if you select "Remember Me" on your laptop at home and then try to log in again from the office, you will be asked for a 2FA code again because your internet connection will have changed.

By default, the "remember me" feature is set to last seven days; however, it can be extended up to a month. If you would like to increase how long the system remembers your login, then please contact the Member Jungle team via a Support Ticket. 

A Quick Guide To Administering 2FA

We have only enforced two-factor authentication for administrators with access to membership data, as they pose the biggest risk to your data if a password were to be compromised. In the security tab of your site, you can also enforce 2FA for everyone, including members. While admins absolutely need to have it on, making it mandatory for members is a choice. It's certainly more secure if they do, but it is okay if you don't turn it on for all members.

For a detailed breakdown of how all the settings around two-factor authentication work and how you can alter them, read Enabling 2 Factor Authentication (2FA) for Members and Administrators. 

A Small Step For Big Protection

Yes, two-factor authentication can be a bit of a hassle, but it is more than worth it for the added security and peace of mind it brings. It is, unfortunately, just a requirement of this digital world we live in. 

For more information on other ways you can keep your accounts safe and your data private, check out 6 Security Tips To Keep Your Membership Organisation Safe. 

For more info on Member Jungle’s role in keeping everything locked up and secure, please read How does Member Jungle protect your data?