Password and Two-Factor Authentication (2FA)
Corsizio is highly committed to providing a platform that prioritizes security and privacy. While we do everything we can on our end in this regard, it is equally important for you as the user to take appropriate security measures for your Corsizio account.
Your user login responsibilities:
- First, as per our Terms of Use, logins and passwords are not to be shared between users. Each user that would like to be part of an organization's account on Corsizio must have their own user login and password and be responsible for their own login activity. Please refer to the following help doc if you need help adding multiple users to an account.
- Second, each user is responsible for keeping their account secure by taking appropriate measures to secure their login and password. This includes you being the only person with access to and control over your email inbox, as the user account email address is used to log in, reset a password, verify the account, and receive security alerts.
- Third, we highly recommend you enable two-factor authentication, as described in this help doc, to increase the security of your account and prevent any malicious online behavior that may compromise your Corsizio account.
Below are some more important tips and guidelines for you to apply to keep your Corsizio account secure.
Password Setup & Changes
Use Long, Strong, and Unique Passwords
As part of good account security and maintenance, do not use the same password for any platform where personal and financial data is present. Your Corsizio account should always have its own unique password. Unique passwords can be generated using a password manager app. Regardless of how you create them, they should be sufficiently long and include various letters, numbers, and special characters.
Do Regular Password Changes
It is very important not to keep the same password in use for too long on any account. It is crucial to change your password immediately in case you ever feel your login credentials were compromised. Under normal circumstances, password changes should be done once per year, but you may wish to do them more or less frequently, depending on your needs and security comfort level.
Whenever your password is changed on Corsizio, you will be sent a security alert email about this change, so be sure your user login email address is always valid.
TIP — To change your user login password, go to Settings from your Corsizio dashboard. In the My User Profile area, you have the option to change your password.
Always Log Out on Public or Borrowed Devices
If you ever think you left yourself logged into your Corsizio account on a public or other person's device, you can end any such sessions by changing your Corsizio account password.
By taking the "Change your password" action within the account Settings, even if you change it to the same password, it will automatically log you out of all sessions that you may have open on any device.
Password Resets
If you cannot remember your password or log into your account, you can reset it from the login screen by following the "Reset my password" option. You will need your user login email address that is on the account.
The system will send a unique reset link to this email address, which you will follow to enter and reset your password. For this and other security reasons, you must be the only one with access to and control over your email inbox, as the user account email address is used to log in, reset a password, verify the account, and receive security alerts.
NOTE — If you do not see the password reset email in your email inbox within a minute or so, check the following:
- Ensure you use the right email address to reset your user login password. Corsizio will not send an email if the email address is invalid or does not exist in the system.
- Check your spam folder.
- If you are using a company email address, you may need to contact your organization's IT department to ensure that they are not blocking the email from reaching your inbox.
Verification Code Emails to Log In
In addition to your password login, the system will prompt you to enter a verification code from time to time. This may happen if you are logging in from a new device or location.
Corsizio will email you a verification code to enter upon trying to log in if you do not have two-factor authentication already enabled. This protects your account from being taken over from a different location by someone who may have obtained your password through malware or phishing attempts on your device.
NOTE — If you are prompted to enter a security verification code during your login and do not see the email message with the security verification code in your email inbox within a minute or so, check your spam folder.
- If you are using a company email address, you may need to contact your organization's IT department to ensure that they are not blocking the email from reaching your inbox.
Two-Factor Authentication
We recommend all users enable two-factor authentication for their user login to further enhance their account security.
TIP — To turn on Two-Factor Authentication, go to Settings from your Corsizio dashboard. In the My User Profile area, you have the option to set up and enable 2FA.
To set up and enable two-factor authentication
- Open your Authenticator App of choice to set up 2FA. This can be your favorite password manager or a dedicated 2FA authentication app, like Google Authenticator or Authy. Most modern password manager apps, like 1Password or LastPass, also act as 2FA authentication apps to generate verification codes for you in a convenient way during login. You may configure multiple authentication apps using the same QR code provided on the screen.
- Then, you scan the QR code provided on the screen with your Authenticator App or copy its secret key if your app asks for it.
- Finally, enter a code from your Authenticator App to verify the setup and enable 2FA on the account.
When two-factor authentication is enabled, you will be asked to enter a one-time verification code from your Authenticator App when logging into your Corsizio account.
You can also turn off two-factor authentication anytime in your account settings, but we highly advise you to always have it enabled to protect your account and its data.