Two Factor Authentication for Shared Accounts in Slack

Using Clerk to Communicate 2FA Codes in Slack

Team Clerk Jun 10, 2020

One of our largest requests at Clerk comes from support teams looking to consolidate 2-Factor (or Multi-Factor) Authentication (MFA) codes to their team. Since two-factor authentication requires access to an authentication app on a mobile device, it can be challenging to share your login with other people. This proves especially hard for IT and Consulting teams who manage accounts on a client’s behalf. We often get asked the following question:

Are there any solutions out there that allow multiple people to use two-factor authentication for the same account?

Often times 2FA is managed on behalf of customers via an IT team and it is often linked to an IT professional’s business phone. But if you’re sharing a login with someone, there isn’t an easy way to properly secure your account. The problem here is that this convenience on the customer side creates a plethora of bottlenecks for the IT professional(s) in question:

  1. Teams working with multiple SaaS platforms like Banks, Shopify, Google, Apple iCloud, AWS and more get dozens of daily, if not hourly 2FA requests
  2. The person this burden falls on has to manually copy-paste each code and send it back to a Slack channel identifying the source of that message. If it is not acted on quickly enough, it must then be re-authenticated.

Using Clerk to Automate & Consolidate 2FA in Slack

You can use Clerk to forward messages from a specific number to your Slack team. Get a message from a Bank, for example? No problem, we can filter for messages from Banks so they are sent directly to a Slack channel of your choice, so your team can act on the message in real-time.

Status Quo - Two Factor Authentication
Clerk - Shared Two Factor Codes in Slack

2FA/MFA Use-Cases We Support

  1. 2FA SMS - the standard use-case where simple text-based messages are supported
  2. 2FA Voice calling transcription - Only have the option for a company to call you? We can transcribe an incoming 2FA call so you can receive the code.
  3. Physical Device Validation - This is usually required for Banks and highly sensitive websites as they do not support virtual phone numbers. By using Clerk you are able to receive verification right in Slack. This feature is available only as a PRO Plan add-on.
Two Factor Authentication in Slack

Passwords alone are not enough to keep your data secure. Two-factor authentication is an extra layer of security for your entire business. Store and quickly access your one-time passwords when you enable two-step verification for a website. Your messages will appear right in Slack and consolidated under a shared channel.