At DNSimple, we take our customers' security seriously. We know domains and DNS are the most valuable assets for a modern company.
That's why we're excited to announce two-factor enforcement for accounts with multiple users.
We support two-factor authentication (2FA), and have since 2012. Two-factor authentication adds a second factor to the login process. In addition to what you know (the password), two-factor authentication adds what you have (a device generating the token). That way, if your password is compromised, an attacker would still need the second factor to access your account. We use TOTP (Time based one-time passwords) as tokens. You can learn more about how we use this on this post.
Domains are important assets, so account security is vital - especially for businesses. We strongly encourage users never to share log-in credentials, that's why our Professional and Business Plans feature two-factor authentication and enforcement for multiple users. If you want your co-workers to have access to the domains, you can invite them to be users on the account. They create their own logins, enable 2FA, and increase the security of your domains.
We encourage you to enable two-factor authentication for every user that has access to your account. When you add more people to your DNSimple account, it can get cumbersome to check that all team members have two-factor authentication enabled. We believe in automation, so now you can enforce two-factor authentication for all members of your account.
To enable two-factor authentication enforcement on your account, navigate to the team members page of your account. Below your team members list, you can enable two-factor authentication enforcement.
If not all team members have two-factor authentication enabled, you cannot activate this feature. You either need to bribe them to enable it by offering chocolate, or remove them from the team. If a team member disables two-factor authentication while you have this feature activated, they'll automatically be removed from the team (they'll see a warning before they're removed).
Two-factor authentication for multiple users is not available on the Personal Plan, because it's exactly that - personal. If you'd like to add multiple users to one account and enforce two-factor authentication, you'll want to switch to a Professional or Business Plan.
We hope you enjoy this new feature. If you have any feedback, we're always happy to hear from you.