Implementing Two-Factor Authentication (2FA) Follow
🔒 Two-factor authentication (2FA) is a specific type of multi-factor authentication (MFA) that strengthens access security by requiring two methods (also referred to as authentication factors) to verify the identity of each user that logs into Law Ruler. 2FA is highly recommended for all Law Ruler customers. With phishing, spyware, viruses, and other malware scams on the rise in today's society, the more security, the better. Email passwords by themselves are considered safer with 2FA enabled.
Protect your client data with this additional security measure and enable 2FA in your system today!
After enabling Two-Factor Authentication (2FA) in your system, all users will be required to enter a six-digit SMS text message code to log into the system.
How to Activate Two-Factor Authentication (2FA) via SMS Text Message in Law Ruler
- Click on Setup > Security Settings
⚠️ You must be a user with admin access to access the Setup menu and edit 2FA settings. Please ask your firm administrator or IT department if you would like this activated for your firm.
- Navigate to the Two-Factor Authentication (2FA) Settings option
- Click the switch to the "On" position to activate Two-Factor Authentication (2FA)
*** Before you enable 2FA, it is strongly recommended to add a mobile number for all users. Otherwise, an unauthorized party that has user logins and passwords could enter their mobile number and lockout a customer's authorized users. It is best if an administrator that knows the users is the one that adds mobile numbers for ALL users before enabling this feature.
💡 It is considered to be more secure for a member of your firm that is familiar with all staff and their mobile numbers to perform this setup action ahead of time before activating 2FA.
- Mobile numbers will be required for all users to enable 2FA.
- 2FA must be enabled for an entire portal system and not per user. If you feel that this additional security measure is needed for your users, then turn it on.
- Once 2FA is enabled, it becomes required for all users as a security policy for your entire firm. If someone does not own a mobile phone, then consider setting up a third-party online texting service such as Whats App, etc., so they are able to use this security feature. International numbers are not accepted for 2FA due to security reasons. Only numbers in the U.S. and Canada are allowed.
- A six-digit security code will be sent to a user at the time of login. This code is required to log in to the system after 2FA is enabled. Failing to enter this code three times will result in the user account being locked. Only an administrative user at the firm may unlock the account. Law Ruler Support cannot unlock user accounts for the firm, so please contact your firm administrator if this occurs.
- Each additional device that is used to log in to Law Ruler will require 2FA.
⚠️ Please note: Before activating 2FA, it would be a great idea to collect a list of mobile numbers for your users and update them all inside of Setup > Manage Users first.
📵 If a user does not have a mobile number in Law Ruler, then the system will prompt each user to enter their mobile number one time, during the first use, at the time of login if a mobile number is not present. As a reminder, international numbers are not accepted for 2FA due to security reasons. Only numbers in the U.S. and Canada are allowed.
Here is why: Outside of Law Ruler or other apps, an unauthorized party could potentially compromise a law firm computer and steal passwords. 2FA is a great tool to add additional security but is only as useful as how it is implemented. That same unauthorized party could potentially enter their own mobile phone number for your user, if you did not enter your staff's mobile numbers ahead of time, unbeknownst to them. With that said, how your firm implements this feature is up to each firm, not Law Ruler.
P.S. In the future, Law Ruler will also be offering 2FA through an authenticator app, but that secondary verification feature is not currently available at the time of writing this support article.
Why Is My Account Locked?
⚠️ If there are too many failed attempts when entering in your verification code, your account will be locked. To have your account unlocked, please contact our support team at email@example.com.