You now have the ability to register the BestNotes application with an authentication app on your mobile device. Your device will generate a one-time code that will authenticate your login attempt.
Why do I need to enable 2-Factor Authentication?
The office for Civil Rights identified weakened healthcare authentication measures as one of the largest causes of data breaches in recent years. 2-Factor Authentication is our response and is based on information collected from the National Institute of Standards and Technology and the Department of Health and Human Services. It will enhance the security of your account my requiring an additional level of authentication. In the event your password is compromised, an attacker will not be able to access restricted information without access to your mobile device.
To learn more you can visit the HHS Cybersecurity Program "Utilizing Two Factor Authentication" or the NIST Special Publication.
How do I enable 2-Factor Authentication for my account?
You will see an option to enable 2-Factor Authentication on the "My Account" screen in BestNotes. When you choose that option, a QR code will appear on the screen with instructions to scan the code with your Authenticator App. Once you have registered BestNotes with your device, you will input the code that is generated on the device to verify the connection was successful. For more detailed instructions visit, Enable 2-Factor Authentication.
When will I be required to input my 2-Factor Authentication code?
Once the 2-Factor Authentication is enabled for your account, you will be asked to provide your one-time code the next time you log in to BestNotes. When providing the one-time code, you will see an option to "Remember this device for 30 days." If you choose that option, BestNotes won't prompt you for the one-time code on that device until that time period has elapsed.
If you have multiple desktop applications downloaded on the same device, a successful 2-Factor Authentication attempt will be required for each profile. The 2-Factor authentication is only available on the desktop applications, but will be available at a later date for mobile and the eMAR login.
How will 2-Factor Authentication be implemented for protected accounts (e.g., sysadmin) or users logging in across databases (billing company users)?
2-Factor Authentication for these specialized accounts will operate the same as for regular users.
What happens if I lose access to my device?
If you are still logged into BestNotes, you can disable 2-Factor Authentication for your account from the "My Account" page. System Administrators and users with the "Manage Users" permission will be able to disable 2-Factor Authentication for a user from the "Edit User" screen in Settings. If either of these actions are done, your account will be less secure and the 2-Factor Authentication should be re-enabled as soon as possible in order to provide the best account security. Visit, Disable 2-Factor Authentication for additional information.
Disabling and re-enabling 2-Factor Authentication will also invalidate all "Remember this device..." settings. |
Will there be insight into the 2-Factor Authentication status for each user?
Yes. For System Administrators and users with the "Manage Users" permission, each user's 2-Factor Authentication will be displayed on the users list in the "Settings" area, and below the "Password" fields when viewing the "User Details" screen. BestNotes is also working on adding a '2-Factor Authentication status' to some common reports to make sure that information is visible to Administrators. Visit, 2-Factor Authentication for Administrative users for additional information regarding user status.
Related articles
Enable 2-Factor Authentication
Disable 2-Factor Authentication
Login with 2-Factor Authentication
2-Factor Authentication for Administrative users