Skip to main content


Kareo Help Center

Two-Factor Authentication (2FA)

Updated: 05/09/2023
Views: 35

Take the necessary steps to minimize your practice’s security vulnerabilities such as viruses, hackers and other cyber attacks, by requiring your team to verify their identity when logging into Kareo and accessing its data, rather than just asking for a username and password.

Two-Factor Authentication (2FA) is enabled at the account level and is enabled for all users for all practices under the account. Any System Administrator can enable or disable 2FA in the account. Review the Two-Factor Authentication FAQs to learn more.

Important Note: Before enabling 2FA, System Administrators must verify the email and phone number for all users in the Desktop Application (PM) and/or users in the Web Application. Users will not be able to access Kareo if the following information is not entered correctly.

  • Login email/E-Mail: The user must have a valid unique up-to-date email address to which they can only access to receive a confirmation code
  • Phone: The user must have a mobile phone number to which they can receive a confirmation code via text message

Navigate to Two-Factor Authentication

  1. Click Settings > Options > Two-Factor Authentication. The Two-Factor Authentication window opens.
  2. To enable or disable 2FA, click Edit. The Two-Factor Authentication editor opens.

Enable Two-Factor Authentication

Enabling 2FA will require all users of the Kareo account to authenticate their identity when logging into Kareo.

Before proceeding, System Administrators must verify that all users in the Desktop Application (PM) and/or users in the Web Application each have a valid unique up-to-date email address and a mobile phone number to which only they can access the confirmation code. Users will not be able to access Kareo if the email and phone number are not entered correctly.

  1. Click to select "Enable Two-Factor Authentication".
  2. Click Save. The Enabling Two-Factor Authentication pop-up appears.
  3. Click Continue to complete authentication. The 2FA login method options display.
  1. Click to select the login method for 2FA: "Email Address" or "Text Message".
  2. Click Continue. A 6-digit code is sent to the user's email address or phone number based on the selected method.
    Note: The confirmation code expires after 15 minutes. 
  1. Once the code is received via email or text message, enter the 6-digit code in the Confirmation Code field.
    Note:  Users have seven attempts to enter the correct 6-digit code. If the user fails all attempts, the user account is locked and will require a System Administrator to reactivate the user account.
  2. Click Confirm. The Two-Factor Authentication window opens and the status updates to Enabled. All users of the account will be required to verify their identity using 2FA to access Kareo.

Disable Two-Factor Authentication

System Administrators can remove the authentication process for all users of the Kareo account by disabling 2FA. Once 2FA is disabled, all users will only be required to enter their username and password to log into Kareo.

  1. Click to clear "Enable Two-Factor Authentication".
  2. Click Save. The Disabling Two-Factor Authentication pop-up appears.
  3. Click Disable to confirm. All users of the account will no longer be required to authenticate their identity when logging into Kareo.
  • Was this article helpful?