Best practices for account security

Enabling two-factor authentication (2FA)

Each user that you add to your Buffer organization will have their own unique login. To ensure the security of your accounts, we encourage you and your users to enable two factor authentication, which adds an extra layer of security to your Buffer account. When 2FA is applied, whenever you log into your account, you'll first be asked for your username and password, and then you'll be asked for a second authentication code. Two-factor authentication codes can be generated via an authentication app, such as Google Authenticator or Authy (available on iOS and Android). *We recommend using an authentication app instead of SMS/text — if you're not in cellular reception (eg: working on an airplane, or in a remote area), your code will not reach you via SMS, but you can use authenticator apps whenever you're connected to wifi. Read more about authentication apps from CNET here.

Managing billing details

All Admins can manage the billing details within your Buffer dashboard, so it’s best to be cautious about who is given Admin permissions. 

Who has accessed my account?

While Buffer Customer Advocates will be able to see the IP addresses of the devices that logged into your account up to two weeks ago, it's important to note that if someone is currently logged in, their information won't be detectable. 

If you believe someone currently has access to your account, immediately take these steps:

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.