Have your say in Community Polls: What was/is your greatest motivation to start your own business?

Is two-step authentication a must for all POS platform users?

Is two-step authentication a must for all POS platform users?

CJackson770
Excursionist
13 1 4

Hi, 

 

We are setting up a POS (bricks and mortar), our organization requires that ALL Associates have two-factor authentication to access the platform. 

 

Do we have to have the Shopify Plus plan to enforce this for all users as noted in this link

https://help.shopify.com/en/manual/shopify-plus/security/global-two-step-auth

 

Or is there another way to mandate two-step authentication?

 

If every staff had a Shopify ID would that allow them to set up two-factor authentication?

 

I look forward to your insights!

Replies 2 (2)

DesmondNg
Shopify Partner
33 4 3

Hi @CJackson770 ,

 

Yes you are right. The normal Shopify plans do allow the setting up of the Two-step Authentication, but it's more on a voluntary basis. As an Admin or Owner of the store, you would be able to see the sign-up status for each Staff (Click on each individual name and check for Two-step Authentication).

For them to sign up, ask them to log in via accounts.shopify.com

Being on Plus will give you the additional benefit of "enforcing it". This means they will have to have Two-step Authentication active before logging in to your store.

And as noted in your question, if you want all staff (assuming you have more than 15, which is the limit of Advanced Shopify, you would need to consider Shopify Plus).

Alternatively, since you have a Brick and Mortar Store, having Shopify POS Pro would also give you the benefit of managing their permission access. By default, having access to Shopify POS does not mean the staff has access to Shopify's admin backend, so in a way, that is secured.

That means if you can define which staff would actually have the need to access the Shopify Backend, and just enforce the Two-step Authentication unto them.

CJackson770
Excursionist
13 1 4

Hi Desmond,

 

Thank you for your reply and that information.

 

All of our staff need to have Two-Step Authentication.

 

My other 2 admins were able to set-up Two-Step, but I don't see that option for the associates/cashiers? When I try to set up one of the cashiers with a Shopify ID as you have suggested the system defaults to "free trial account".  Can only Admins have a Shopify ID?  

 

Thoughts?