2-Step Verification

Multi-Factor Authentication is recognized as an important privacy and security safeguard, and it’s a standard tool used to protect sensitive data.

📝 A quick note on terminology: At Jane, we use 2-Step Verification to describe the extra step you take when signing in. The two steps involve different factors: something you know (your password) and something you have (a verification code). Because of that, Jane’s 2-Step Verification meets the definition of Multi-Factor Authentication. That’s why you may see the terms Multi-Factor Authentication and 2-Step Verification used interchangeably.

When 2-Step Verification is set up, you’ll be asked to enter a one-time code after your password each time you log in. You can choose to set up an authenticator app, a text message, or both. If you set up both, you can pick one as your default and use the other as a backup in case you ever lose access to your phone or app.

You’ll also get a backup Recovery Code when you set up 2-Step Verification. You can use it if, for any reason, you can’t access your verification code later on.

📣 If you’re locked out of your account, follow these steps.

Let’s get started.

Using an authenticator app
Using text messages (SMS)
Not receiving your SMS verification code?
Enforcing 2-Step Verification clinic-wide
Disabling 2-Step Verification clinic-wide
Disabling 2-Step verification on your staff profile

Using an authenticator app

We strongly recommend the authenticator app option because:

It’s more secure than SMS messages
You can use it on your desktop or laptop device, so even if you lose or don’t have access to your phone, experience a carrier outage, or are travelling and can’t receive SMS messages, you’ll still be able to log in.

Step 1: Download an authenticator app

First, you’ll want to choose and download an authenticator app. You will need to decide which device you want to add your app to. It can be a mobile device like an iPad or phone, or even your computer.

💡 Jane tip: It’s a good idea to have your authenticator app available on your computer or laptop in case you lose your mobile device. An app with cross-device syncing will be needed.

On iOS devices, your verification codes are usually saved in the Passwords app by default. They’ll be generated for you automatically and appear right above your keyboard when you need them. You can also open the Passwords app anytime and tap your account to copy the code.

Below is a list of some (but not all) of the more common authenticator apps that work with Jane: ⤵️

Application	Type	Cost	iOS	Android	Desktop	Other info
Passwords (Apple)	App	Free	✅	❌	✅	Syncs across multiple devices
Microsoft Authenticator	App	Free	✅	✅	❌
Authy	App	Free	✅	✅	❌	Syncs across multiple devices
Google Authenticator	App	Free	✅	✅	❌	No cloud sync (manual transfer only)
Zoho OneAuth	App	Free	✅	✅	✅
1Password	Password Manager	Paid	✅	✅	✅	Syncs across multiple devices Auto enters code
Bitwarden	Password Manager	Paid	✅	✅	✅	Syncs across multiple devices Auto enters code
LastPass	Password Manager	Paid	✅	✅	✅	Syncs across multiple devices Auto enters code

Step 2: Log in to Jane and link your authenticator app

Next, you’ll introduce your authenticator app and Jane. 🤝

If 2-Step Verification is enforced clinic-wide, you can follow the prompt to set it up when you log in. Otherwise, head to your My Account area by clicking your name in the top right corner of Jane and selecting My Account.

On a mobile device, you’ll click on the circle around your initials in the upper-right corner. Next, select My Account:

Next, scroll down and click 2-Step Verification on the left menu, and then select the authenticator app option:

Once you click the Authenticator App toggle, you’ll enter your password.

Next, you’ll see a QR code and a manual setup key.

Open your authenticator app, add a new account, and either scan the QR code or enter the setup key into the authenticator app manually.

Click the blue Next button in Jane, and then enter the code your authenticator app gives you and click Submit.

Here comes the last step- you’re going to get a Recovery Code that you can copy or download. Save it somewhere safe (we recommend using your authenticator app, password manager, or secure cloud storage) because if you can’t get your authentication code for any reason, you can use your Recovery Code instead.

Last step! If you’ve set up both 2-Step Verification methods, you can choose which one is your default.

Using text messages (SMS)

On a mobile device, you’ll click on the circle around your initials in the upper-right corner. Next, select My Account:

Scroll down and select 2-Step Verification on the menu to the left and toggle on the Text Message (SMS) option.

💡 Jane Tip: While any 2-Step Verification method offers extra security, using the Authenticator App option is recommended as it’s more secure and can still be used if you lose your mobile device.

Next, enter your password and the mobile number where you’d like to receive your SMS codes.

💡If you already have a mobile phone number on your staff profile, it will pre-populate for you. If you enter a different mobile number, it will update what’s on your staff profile.

Once you’ve confirmed your phone number, you’ll receive your authentication code by text (SMS), which you can enter into Jane and click Submit.

If you don’t receive a code by text, just click the Resend code button to receive a new one.

Once you’ve submitted the authentication code, you’ll be given a Recovery Code, which you can copy or download. Save it somewhere safe (we recommend a password manager or secure cloud storage) because if you lose access to your phone, you can use your recovery code instead of your SMS code to sign in.

Last step! If you’ve set up both 2-Step Verification methods, you can choose which one is your default.

Not receiving your SMS verification code?

If you have access to your device but you’re not receiving your SMS code, you’ll first want to check:

Are your text messages from Jane going to your “Spam” or “Blocked” folder on your phone? Many text messaging apps will have a separate folder for messages they consider spam, which these verification texts can sometimes look like. See if anything is in that folder and if so, you’ll have your code!
Are you getting text messages from anyone else? Check to make sure you’re not experiencing a phone service outage.
Do you have access to your Recovery Code? You can use this in place of your SMS code to sign in.
Are you logged in on any other device? If you can’t get in on your laptop, but you’re logged in on your phone, you can get into Jane and disable your 2-step verification, if you’re experiencing any issues.
Is there any other Full Access User that can disable 2-step verification for you so you can get in?
Do you also have the authenticator app option set up? If so, you can select the Try another way option on your login screen to use your authenticator app instead of SMS.

If the answer is no to all six questions, please get in touch with our Privacy and Security Team at [email protected]

How to enforce 2-step verification clinic-wide

If 2-Step Verification is not enabled clinic-wide, a Full-Access user can make 2-step verification mandatory for all staff profiles clinic-wide. First, head to Settings on the top bar of Jane and select Security from the menu on the left.

Next, click Edit beside 2-Step Verification Enforcement.

Check off the box labelled Require 2-step verification at (clinic name) and pick a date for the setting to take effect.

The Allow recognized devices to skip 2-Step Verification checkbox can be unchecked if you want staff members to enter their verification code each time they log in, even from a trusted device.

Staff members will receive an email prompting them to set up 2-step verification, and will also be prompted to set it up when logging in and with a banner in Jane.

If a staff member hasn’t set up 2-Step Verification by the time it becomes mandatory, they’ll be prompted to set it up when they next log in.

Disabling 2-Step Verification clinic-wide

🚨Heads up: Disabling 2-Step Verification could have compliance or regulatory implications and could impact your ability to make a claim on your practice’s cybersecurity insurance policy.

We strongly recommend that all clinics have 2-Step Verification enforced clinic-wide (even for solo practitioners) so that all staff members have an extra layer of security on their profile. Even if you’re the only staff profile on your Jane account, you may need to provide access to contractors or more staff as your clinic grows. Enforcing 2-Step Verification clinic-wide ensures all logins are protected from the start.

If you decide to make 2-Step Verification optional, you can do so by heading to Settings > Security. Click Edit next to 2-Step Verification Enforcement:

Uncheck the Require 2-Step Verification box and click Save.

Disabling 2-Step verification on your staff profile

🚨 Heads up: Disabling 2-Step Verification could have compliance or regulatory implications and could impact your ability to make a claim on your practice’s cybersecurity insurance policy.

▶ Don't want to enter your code every single time you log in on a trusted device?

When logging in with a verification code next time, you can click the Trust this browser to skip 2-Step Verification for 30 days checkbox so that you only have to enter your code every 30 days when you log in on that browser. However, if you clear the cookies in your web browser or use an incognito window, you will still be prompted to enter a verification code.

If you do not see this checkbox, the setting has not been enabled for your clinic in Settings > Security > 2-Step Verification Enforcement.

You can disable 2-step verification for yourself if:

You are able to log into your account
2-Step Verification is not enforced clinic-wide

Click on your name in the top right corner of Jane, and select My Account:

On the menu to the left, select 2-Step Verification and then click on the SMS and/or Authenticator app toggle to turn them off.

You’ll be prompted to enter your password to confirm.

All done!

Jane's Guide

Here's all the help you need to use Jane.