You now have the ability to register the BestNotes application with your mobile device. Your device will generate a one time password that you can provide to authenticate the application.
This will enhance the security of all accounts using this feature by requiring an additional level of authentication. In the event your password is compromised, an attacker would still be unable to access restricted information without having access to your mobile device. Each One-Time Password is only valid for a short period of time (30 -60 seconds), so the ability for an attacker to guess the password is extremely small.
How do I enable 2-Factor Authentication for my account?
You will see an option to enable 2-Factor Authentication on the "My Account" screen in BestNotes. When you choose that option, a QR code will appear on the screen with instructions to scan the code with your Authenticator App. Once you have registered BestNotes with your device, you will input the code that is generated on the device to verify the connection was successful. For more detailed instructions visit, Enable 2-Factor Authentication.
When will I be required to input my 2-Factor Authentication code?
Once the 2-Factor Authentication is enabled for your account, you will be asked to provide your one-time password the next time you log in to BestNotes. When providing the one-time password, you will see an option to "Remember this device for 30 days." If you choose that option, BestNotes won't prompt you for the one-time password on that device until that time period has elapsed.
If you have multiple desktop applications downloaded on the same device, a successful 2-Factor Authentication attempt will be required for each profile. The 2-Factor authentication is only available on the desktop applications, but will be available at a later date for mobile and the eMAR login.
How will 2-Factor Authentication be implemented for protected accounts (e.g., sysadmin) or users logging in across databases (billing company users)?
2-Factor Authentication for these specialized accounts will operate the same as for regular users.
What happens if I lose access to my device?
If you are still logged into BestNotes, you can disable 2-Factor Authentication for your account from the "My Account" page. System Administrators and users with the "Manage Users" permission will be able to disable 2-Factor Authentication for a use from the "Edit User" screen in Settings. If either of these actions are done, your account will be less secure and the 2-Factor Authentication should be re-enabled as soon as possible in order to provide the best account security. Visit, Disable 2-Factor Authentication for additional information.
Disabling and re-enabling 2-Factor Authentication will also invalidate all "Remember this device..." settings.
Will there be insight into the 2-Factor Authentication status for each user?
Yes. For System Administrators and users with the "Manage Users" permission, each user's 2-Factor Authentication will be displayed on the users list in the "Settings" area, and below the "Password" fields when viewing the "User Details" screen. BestNotes is also working on adding a '2-Factor Authentication status' to some common reports to make sure that information is visible to Administrators. Visit, 2-Factor Authentication for Administrative users for additional information regarding user status.
Back to top of page