What is 2-Factor Authentication?
2-Factor Authentication can be configured to increase the security of employee accounts for your restaurant's back-end.
When employees with 2-factor authentication enabled log in to Toast via backend, first they are prompted for their email and password, then they are asked to provide a 6 digit, time-sensitive code. This code can be obtained either by selecting 'Text Code' in which the code will be texted to the phone number on file or by setting up the Google Authenticator app on a smartphone and opening it to retrieve the code.
Am I required to setup 2-factor Authentication as an admin or manager?
2-Factor Authentication is an optional setting for users created in Toast. It is enabled at the individual employee level and is not required for anyone, but is available to everyone with the ability to login at toasttab.com.
Steps to enable:
1. Sign into your Toast account by logging into toasttab.com and selecting the Account dropdown in the top right corner of the screen. You will see the 2-Factor Authentication option as it appears below.
Note: The employee him/herself- not an administrator, must enable this feature since the employee will need to interact with their phone to validate it.
2. Follow the instructions on the page. Codes can be delivered through the Google Authenticator app or via text message.
It is recommended that you set up both of these. Google Authenticator will be the fastest way to log in, but having text messages as a backup in case you remove the app or similar is a good idea.
3. Print out the recovery codes and store them in a safe location. These emergency one-time-use codes can be used if you lose or replace your phone. They will allow you to get into your account and update your 2-factor settings.
What happens if I lose my phone and can't login?
If you are locked out of your account because you have lost your phone, call Toast support or have a restaurant administrator assist in getting back into your account.
Note: The restaurant administrator needs to have the "User Permissions" permission in order to temporarily disable 2-factor authentication on the account. This disables it for 10 minutes, allowing enough time to reconfigure their 2-factor settings.
Steps to temporarily disable 2-Factor Authentication
1. Navigate to the list of employees in the 'Employees' section
2. Click the blue link of the employee's name from the list (note: not the pencil icon)
3. Click the 2-Factor Setup button in the toolbar
4. Click the Disable for 10 Minutes button - for the next 10 minutes, the employee will be able to log in to Toast without entering a 2-factor code. Once that 10 minutes has past, they will not be kicked out. But, if they go to any sensitive page that normally requires re-entry of their password (e.g. editing other users) they will be required to enter a code to continue.
5. If you want to immediately re-enable 2-factor for any reason during this 10 minutes, you can do so from the same page.
If you have any trouble and would like assistance, contact Toast Support for help.