To keep your account information safe, ThoroughCare utilizes two-factor authentication when logging in. Two-factor authentication is an easy-to-use, secure method that supplements passwords to provide an online account with a second layer of security; it does not replace passwords.
Below is a simple step-by-step guide to setting up two-factor authentication from your ThoroughCare Dashboard.
Step 1: Contact ThoroughCare
To begin, contact a ThoroughCare representative so they can enable two-factor authentication for your account. You can contact ThoroughCare by calling 844-842-6422 or using the Intercom text box at the lower right-hand corner of the ThoroughCare site to start a conversation with one of our representatives.
Step 2: Edit your account info
Enter your username and password, and login to your ThoroughCare Dashboard.
From there, click on your username at the top-right of the Dashboard to edit your account info.
Step 3: Enable two-factor authentication
At the bottom of the Edit Account Info page, find the checkbox to “Require two-factor authentication for sign-in” and check it.
Step 4: Verify your device
After checking the box, a pop-up will prompt you to follow the steps to verify your device. Select close and follow the instructions on the screen as seen below:
Download Google Authenticator onto your device from the App Store or Google Play.
Scan or Use Secret
After downloading the app, open it and you’ll be prompted to scan a QR code or enter the secret code. Using the Google Authenticator app, scan the QR code on your computer screen with your phone or enter the secret code.
After scanning the QR code or entering the secret code, you’ll then be provided with a 6-digit token. This token will only be useful for 30 seconds before it times out and generates a new 6-digit token.
After generating the 6-digit token, you’ll then enter your current password to confirm your identity, followed by the 6-digit token from your two-factor app. Finally, click the green “Enable 2FA” button.
Step 5: Save Recovery Codes
After enabling two-factor authentication, you’ll see a popup box with eight 16-digit codes listed. These are recovery codes that you’ll need should you ever lose your phone. Store these codes in a safe and secure place.
Note: after you use a recovery code to sign in, it becomes inactive. As each code can only be used once, be sure to mark the code as used for future reference.
You have now successfully enabled two-factor authentication for your ThoroughCare account!
Now when signing in, after entering your username and password and clicking “Log In”, you’ll be prompted to enter a 6-digit token. Open your Google Authenticator app and enter the current token it shows. Remember, a new 6-digit token is generated every 30 seconds, so you’ll never have to memorize any one token.
Note for Group-Based Users
For group-based users that manage patients across multiple practices: if two-factor authentication is enabled for your user account within one practice, it will be required to log into any of your authorized practices, regardless of whether or not the feature is enabled for the other practices. This is required to allow users to toggle between practices from the ThoroughCare dashboard.