The importance of protecting our customers and making their transactions even more secure has led us to improve user login protocols.
GuestPro is even more secure thanks to the new procedures implemented to prevent phishing attacks that are affecting the industry.
The improvements impact on two main processes, the creation of users and passwords and the double authentication or 2-step verification.
User registration and password confirmation:
The user registration procedure has strengthened security by adding the requirement to change the password when generating the user registration.
Firstly, we generate the user with their email address and a secure password that we provide to the customer and then we have the option:
→Change password mandatory←.
When activated, the user will have to change the password when accessing the platform for the first time.
Log out from all devices:
This tool allows us to close the session of a user in all the devices in which he/she is logged in, at the moment we detect any attack or anomaly in his/her session.
By activating this option we expel them from the session when we perceive that there may be an impersonation and we request that they log in again with their user data to log in again.
Double authentication or 2-step verification:
This is perhaps the most important resource for protecting the security of sessions on our system. It is mandatory to activate this double authentication or 2-step verification.
The process to activate it can be done through two options:
- Authenticator App
- Email 2FA
Both the mobile app and email 2FA options are valid, but GuestPro recommends the first one, through the app, as with the alternative email there is always the risk of being subject to phishing attacks and identity theft.