TaxDome logo

centro assistenza
registrarsi Accedi

Manage authentication settings for your team & clients

Sommario

Learn how authentication works for your firm, how to require two-factor authentication (2FA) for team members and clients, and how to help users who lose access.

icona della nota

Nota

This article is for the firm owner and admins only.

Authentication at TaxDome, explained

TaxDome requires email verification when users sign in. After entering their password, users receive a one-time code via email to verify their identity.

icona in lavorazione

Prossimamente

Enhanced security with one-time codes sent to email are being rolled out to firms. If you don’t see this feature yet, it will be available for your firm soon.

For enhanced security, you can require two-factor authentication (2FA) using an authenticator app for your team members and/or clients. This method offers stronger protection than email verification because codes are generated on users’ devices rather than sent via email, making them immune to email interception or phishing attacks.

All users can also enable SMS as a backup option in their accounts .

info icon

Info

Mandatory email verification is enabled for all TaxDome users. If you already have 2FA configured or using Google account to sign in, your current setup will continue to work.

Authentication methods

  • Email verification (mandatory) : A 6-digit code is sent to users’ registered email address each time they log in. This method is enabled automatically and requires no setup.
  • Two-factor authentication (2FA) via authenticator app: Users generate verification codes using apps like Google Authenticator or Microsoft Authenticator. This method offers stronger protection and faster access. You can require this method for team members and/or clients.
  • SMS (backup option) : All users can configure their mobile number to receive codes via text message as a backup when email or authenticator app is unavailable. For clients who haven’t enabled SMS backup, TaxDome automatically suggests a phone number from their contact information when they request an SMS code during sign-in and saves it after verification. SMS backup is not available for users in the EU.

You cannot disable email verification for your firm—it is required for all users. However, users can skip verification for 30 days when accessing from the same device by selecting the Remember this device option during sign-in .

Abuse prevention

TaxDome includes configurable security limits to prevent abuse:

  • Code request limits: Users can request a limited number of verification codes per sign-in attempt
  • Entry attempt limits: After a certain number of incorrect code entries, users must request a new code
  • Code expiration: Verification codes expire after a set timeframe
  • Different limits: Email codes and SMS codes have separate rate limits
  • Method switching: When users exhaust limits for one method, they’re offered to switch to another available method
  • Account protection: Users who exceed limits for both email and SMS are temporarily blocked and must contact you or your team for assistance

Require authenticator app 2FA for team members and clients

By default, all users have email verification enabled. However, you can require a more secure authentication method by making authenticator app 2FA mandatory for your team members and/or clients.

To require authenticator app 2FA:

  1. Go to Settings > Firm settings from the left sidebar menu.

  2. In the Two-factor authentication (2FA) section:

a. Select the Enable authentication via app for team members checkbox.

icona di avviso

Avvertimento

Once saved, all firm members, including admins and the firm owner, will be required to set up an authenticator app. Email verification won’t work anymore.

b. (Optional) You can apply this requirement starting from a specific date (delayed start) for team members. This gives your team time to set up their authenticator apps in advance.

c. Select the Enable authentication via app for clients checkbox.

d. (Optional) You can apply this requirement starting from a specific date (delayed start) for clients.

  1. Click Save to apply the changes.

If you set a delayed start date, team members and clients will see an alert in the portal prompting them to set up their authenticator app before the enforcement date.

Starting from the selected date, users must set up an authenticator app and enter a code from the app when logging into the portal. Email verification codes will no longer be accepted, though SMS backup can still be configured as a backup option.

Configure troubleshooting email

By default, the firm owner receives notifications when team members or clients request authentication assistance. You can designate someone else to receive these requests:

  1. Go to Settings > Firm settings from the left sidebar menu.

  2. In the 2FA troubleshooting section, enter the email address.

  3. Fare clic su Salva .

This email will receive notifications when users click Contact us during sign-in issues.

Temporarily bypass verification (one-time access)

You can allow a team member or client to sign in once without entering a verification code. This is useful when they can’t receive codes via email or SMS but need immediate access.

icona di avviso

Avvertimento

This is a potentially dangerous operation that temporarily reduces account security. Use this feature only when absolutely necessary.

Per i membri del team

  1. Go to Settings > Team & plans from the left sidebar menu.

  2. Open the Team members tab.

  3. Click the three dots to the right of the team member’s name.

  4. Select Temporarily disable email 2FA.

  5. Click Confirm.

Per i clienti

  1. Open the client profile and switch to the Info tab.

  2. In the Contacts section, find the email address with sign-in issues.

  3. Click the three dots next to the email address.

  4. Select Temporarily disable email 2FA.

  5. Click Confirm.

icona della nota

Nota

If an email address is linked to multiple clients, all of those clients will be able to sign in without verification once.

This bypass works only once. After the user signs in successfully, they will be prompted to enter a verification code on future sign-ins. When they sign in using the bypass, they’ll immediately see a prompt to configure SMS backup for future emergencies. This ensures they have an alternative authentication method available.

Change email address for verification codes

If a team member or client doesn’t receive email verification codes, you can update their email address:

Per i membri del team

  1. Go to Settings > Team & plans from the left sidebar menu.

  2. Open the Team members tab.

  3. Click the team member’s name to open their profile.

  4. Update the Email field under Login details.

  5. Fare clic su Salva .

The team member will receive verification codes at the new email address.

Per i clienti

  1. Open the client profile and switch to the Info tab.

  2. In the Contacts section, click the three dots next to the contact.

  3. Select Edit contact.

  1. Update the email address.

  2. Fare clic su Salva .

The client will receive verification codes at the new email address.

Questo articolo ti è stato utile?

Condividere

Collegamento copiato Condividi su linkedin Condividi su Facebook

Sommario

Condividere

Collegamento copiato Condividi su linkedin Condividi su Facebook

Salva