Best practices for account security

Enabling two-factor authentication (2FA)

Each user that you add to your Buffer organization will have their own unique login. To ensure the security of your accounts, we encourage you and your users to enable two factor authentication, which adds an extra layer of security to your Buffer account. When 2FA is applied, whenever you log into your account, you'll first be asked for your username and password, and then you'll be asked for a second authentication code. Two-factor authentication codes can be generated either via text message (SMS) or an authentication app, such as Google Authenticator or Authy (available on iOS and Android).

If you're not sure which option to go with (SMS or an authentication app), feel free to do some research. There are some articles, such as this one from CNET, that recommend authentication apps as the most secure. However, we encourage you to make your own choice on the best way to go.

Managing billing details

All Admins can manage the billing details within your Buffer dashboard, so it’s best to be cautious about who is given Admin permissions. 

Who has accessed my account?

While Buffer Customer Advocates will be able to see the IP addresses of the devices that logged into your account up to two weeks ago, it's important to note that if someone is currently logged in, their information won't be detectable. 

If you believe someone currently has access to your account, immediately take these steps:

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.

Still need help? Get in touch Get in touch