Two-step, or two-factor authentication (2FA), also known as multifactor authentication (MFA), protects your Smartling account by requiring a second verification step. When you attempt to log in, a verification code is automatically sent to your user email address. This code must be copied from your email to the empty field on the authentication page. Requiring a second step to log into Smartling keeps your account secure, even if your password is compromised.
How to log in with two-step verification
-
Go to dashboard.smartling.com
-
Enter your user email address and password as you do normally, and click Login.
-
This is your user email address that the verification code will be sent to.
- Ensure this is an activated user email address, and that you have access to the inbox to follow instructions.
-
-
Check your user email inbox and find the email from Smartling copy the 6-digit verification code.
- The code is valid for 10 minutes.
- The code is valid for 10 minutes.
-
Enter the verification code in the empty field in the Smartling authentication page and click Submit.
- Once authentication is successful, you won't need to complete the two-step verification on this browser for 30 days.
Important Considerations
Every 30 days
When you complete the two-step verification, an authentication cookie is set in your browser. This cookie remains in your browser for 30 days. This means that you will only have to complete the two-step verification process every 30 days, if you do not clear your browser cookies.
If you clear your browser cookies, you will need to complete the two-step verification to log in to Smartling.
If you use a different browser or different device, you will have to complete the two-step verification process on the new browser/device.
Verify in 10 minutes
The one-time verification code that is automatically sent to your login email address is valid for 10 minutes. This means you have 10 minutes to use the authentication code provided.
If more than 10 minutes have passed since the verification code was sent, you must request a new code by clicking Resend on the authentication page.
5 Attempts
You have 5 attempts to enter the correct and valid (unexpired) authentication code. If you make 5 unsuccessful attempts to authenticate, your account will be locked.
Locked Accounts
If your account is locked because of 5 unsuccessful attempts, you must wait 10 minutes before logging in again. Any login attempt made during these 10 minutes will restart the timer. Please wait for the complete duration to avoid extending the lockout period. After 10 minutes pass, you can resend a new code and reattempt verification.
2 Resends per minute
Resending a verification code more than twice per minute will disable the resend button. If the two resends failed, you must wait 30 seconds to resent another code. After 30 seconds pass, you can resend a third code and reattempt verification.
Shared accounts
Smartling strongly advises against sharing login credentials. Not only could this lead to security breaches, but it also prevents the shared users from maximizing the benefits of Smartling, such as personal email notifications, custom dashboards, user action history, etc.
As a part of standard security practices, Smartling periodically enforces password resets every 90 days. Shared accounts will often encounter issues with the password reset process, as one user may not know the new password and attempt to reset it again.
This ultimately leads to delays in work.
There is no limit to the number of users you can have on an account. We strongly recommend adding each individual user to Smartling to reduce risk of security breaches, authentication issues, or delays in work. If you do use a shared alias and encounter issues with MFA please see our FAQ here on how to address this.
FAQ
Why do I now need to log in with two-step verification?
Smartling has introduced two-step verification to enhance user account security by addressing common threats like phishing attacks, credential stuffing, and account takeovers. Two-step verification is an additional security layer that mandates users to provide multiple pieces of evidence or factors during the login process to verify their identity. The first step is to provide something you know, like your username and password, and the second step requires verification with something you have in your possession, such as a unique verification code sent to your email.
I didn't receive the verification email. What do I do?
The verification email is sent from the same email address as all email notifications from Smartling, <noreply@smartling.com>. If you do not receive emails from Smartling:
- Ensure <noreply@smartling.com> is a safe sender in your email.
- Check your spam folder for the verification email from Smartling.
- If your inbox has automated rules for emails from Smartling, ensure to check the folder where these emails typically go.
- Contact your IT team to troubleshoot unblocking the emails from your network.
If I access Smartling via the API or SSO, will I need to authenticate with two-step verification?
No. Currently, the only users who need to authenticate with two-step verification are those that log in with an email address and password.
What should I do if I can't access the inbox associated with my login email address?
The person in your organization that has access to the inbox will have to forward you the verification email within the 10-minute window. We recommend contacting the person who supplied you with the email address before you attempt to log in, so they are aware and are ready to forward you the verification code. For example, if you received your login email address from a translation agency, please contact the agency for help accessing the inbox and verification code.
Tip: If you encounter authentication issues not covered in this article, contact Smartling Support.