2-step verification is available for all license types on Wrike Enterprise accounts.
- Important Information
- Authentication Apps
- Enable 2-Step Verification (for a user license)
- Enable 2-Step Verification (for all users on an account)
- Reconfigure 2-Step Verification
- Disable 2-Step Verification for a User's License
2-step verification (also called two-factor authentication or 2fa) provides an extra layer of security to the sign in process: it requires you to enter a time sensitive verification code after you enter your username and password.
When you enter the security code, you have the option to “Remember this computer”. Choose this option to bypass the second authentication step for the next 30 days when accessing Wrike from that particular computer. If you choose this option, please be sure to lock your computer when you walk away from it.
2-step verification can be enabled for specific users or for all users who are part of the same account.
- If you have 2-step verification enabled, you can use one-time passwords to log in to applications which do not natively support 2-step verification.
- Wrike does not support verification codes which are delivered via text message.
- Recovery codes are only valid once. Each time you reconfigure or reset 2-step verification settings, a new recovery code is generated.
- If you use Google Auth (or another SSO provider) to log in to Wrike, then 2-step authentication is handled through them. G Suite customers can easily enable 2-step verification with Google.
- You can read about the advanced practices we employ in our Security overview.
To use 2-step verification you must have an authentication app, on your mobile phone or tablet, which can generate time-based, one-time passwords. 2-step verification can be configured to work with applications that use Time-Based, One-Time Password Algorithm (TOTP) for generating access codes from a shared secret key.
Please note, authenticator apps generate valid codes even when your device has no phone or data connectivity.
We recommend different authentication apps, depending on the type of phone you use:
- iOS: Google Authenticator app from iTunes.
- Android: Google Authenticator app from the Google Play Store.
- Windows: Microsoft Authenticator app from the Windows Store.
- Download an authentication app on your mobile phone or tablet.
- From the Wrike Workspace, click on your profile image in the upper right-hand corner of the Workspace.
- Select “View profile” from the dropdown list which appears.
- Locate the heading “2-Step Verification” under the “Security Settings” section.
- Click “Enable”.
- Follow the prompts generated by the configuration wizard. You will be asked to enter your Wrike password and confirm that your preferred authenticator app is installed on your mobile device.
- Enter a 6-digit verification code generated by your authenticator app and click “Verify”.
- Wrike will provide a recovery code. Please make sure to keep this code, it's only shown once, and you will need it if you ever need to disable 2-step verification and access your account.
This action must be done by an account admin. Please note, if 2-step verification is turned on for the whole account, then individual users aren't able to disable 2-step verification for their user license, an admin must do it for them.
Before enabling 2-step verification for all users on the account, we recommend you:
- Instruct team members to enable 2-step verification on their personal profiles first.
- Confirm that everyone has enabled 2-step verification (you can check progress from the “2-step verification” section of the Security tab on Account Management).
Once everyone has enabled 2-step verification for their user license, turn on 2-step verification for all users who are part of the account:
- Click on your profile image in the upper right-hand corner of the Wrike Workspace.
- Select the “Security” tab.
- Locate the section on 2-step verification.
- Select the radio button next to “Obligatory for all users”.
- Click “Save changes”.
- Click “Check password” on the pop-up which appears.
Once 2-step verification is turned on for everyone, new members who join the account are prompted to configure 2-step verification when they confirm their invitations.
If you would like to use 2-step verification with a different mobile device, you can reconfigure your settings. We recommend installing an authenticator app on your new phone before reconfiguring your 2-step verification settings.
- Click your profile image in the upper right-hand corner of the Wrike Workspace.
- Select “View profile” from the dropdown list which appears.
- Click “Configure” under the heading “2-step verification”.
- Click “Reconfigure” on the pop-up which appears.
- Enter your password and press “Continue”.
- Follow the setup wizard’s prompts to reconfigure your settings.
If you have two-step verification enabled, but no longer have access to your phone, you can:
- Click the “Lost your mobile device?” link on the Wrike login page. You will be prompted to enter the recovery code which was generated when you were enabling 2-step verification for your account. If you do not remember your recovery code you can click "Can't provide a code" and a message will be sent to your account administrator informing them that you have been locked out of your account.
- Contact one of your account admins so that they can temporarily disable 2-step verification for you. You can then login and reconfigure your 2-step verification settings.
If 2-step verification has been turned on for all users on a subscription, then a user cannot turn off 2-step verification for their user account, but an admin can do it for them.
- Click on your profile image in the upper right-hand corner of the Workspace.
- Select “Account Management” from the dropdown menu which appears.
- Switch to the “Users” tab.
- Select the user who you need to disable 2-step verification for.
- Click the “Off” option to the right of the “2-step verification” heading.
Please note, if 2-step verification is turned on for the account, then disabling 2-step verification is temporary and the user will be asked to enable the security feature when they sign in to their Workspace.