Two-Factor Authentication: What You Need to Know

HubSpot Employee
HubSpot Employee

Hey friends,


Here at HubSpot, we really love security, and we know it’s incredibly important to our customers, too. We recently added new functionality to our two-factor authentication (2FA) offering that we want you to know about, and encourage you to take advantage of: Required 2FA for all users on your HubSpot account. This feature is the surest, most effective way to make sure your users take security seriously! If you don’t know what 2FA is, no worries; we’re here to help!


What is Two-Factor Authentication?

2FA is a security feature that requires you to authenticate your login with two different methods. In the case of your HubSpot account, those two methods are something you know (your HubSpot password), and something you have (your mobile phone, where you can receive an SMS text message or authenticator app code.)


Why Does It Matter?

2FA helps keep your accounts safe because there's a very low chance that a potential attacker has both your password and access to that device. This is true even if your password is something awful, like password123$ (seriously, if this is your password, please change it). 


Okay, Sounds Great! How Do I Do it With HubSpot?

Fantastic question! Enabling 2FA in HubSpot is easy. You can see this documentation on our Knowledge Base to learn about setting it up. This feature is available to all HubSpot users.


I’m a HubSpot Admin, and I Want Everyone on My Account to Use 2FA. Can I do that?

Absolutely! Required 2FA is now available to all HubSpot accounts. You can find the toggle to enable Required 2FA in your Account Defaults settings. Our Knowledge Base has some more information about setup here


If you’re passionate about digital privacy and security, you can read a pretty useful guide from the New York Times about it here.

4 Replies 4
Participant | Diamond Partner

Just my two cents here, I'm loving the authentication app. It was super simple to get set up and now, the accounts are much more secure. #NiceJobHubSpot.

George B. Thomas | Inbound Evangelist | Sprocket Talk
Top Contributor

I have a new iOS device, same number. I need to re-add my hubspot account to the Google Authenticator app. How do I do that?


This is a valid question that really does require an answer.  I love the security that 2FA offers... but I was recently locked out of another account for 6 months because that company did not have a reasonable work-around.  So, yes, please address this... what happens if we get a new device?  Knowing how this will be handled goes far in helping us decide what security features work for us. 


2 factor authentication text is not arriving. I've been smashing into the terrible support at hubspot for a week trying to fix this. I've created this fake account just so i could log in somewhere and try to get some support. FIX YOUR 2FA. 

name, email and phone number are correct, msg pops up saying the text has been sent.  THE TEXT NEVER ARRIVES.