How to Setup a Two-Step Authentication in Flow-e

This tutorial will explain what the two-step authentication in Flow-e is and how to set it up.

“Two-step authentication” enhances the security of your authentication process and your email data access.

1) Authentication

By default, you would authenticate with any of your registered accounts and you will authenticate against the account’s provider – Google or Microsoft. Let’s decrypt this:

  • Flow-e does not have knowledge of and does not store your Gmail/Outlook credentials. Flow-e redirects you to the Google/Microsoft accounts portal and ‘asks’ Google to authenticate you.
  • You can log in with any of your registered accounts and view any of the other accounts in your Flow-e subscription. That is why you should add only accounts you own and only you know the credentials to.

With “Two-step authentication”, you can create an additional password for your Flow-e account which will be used in the login process. After you authenticate in Gmail/Outlook you will also have to provide your Flow-e password.

What’s more than passing two passwords one after another here is that you are authenticated against two different authorities. Both Google/Microsoft and Flow-e have to agree on your identity before you can log-in. One doesn’t know about the password used with the other.

This also prevents people who might have access to any of the accounts in your Flow-e subscription to access the other account in the subscription.

2) Data-access

When logging in Flow-e for the first time, or adding a new account to your Flow-e subscription you are asked to give permissions to Flow-e to access specific data like emails and calendar events.

If you agree, the email provider issues access tokens which the Flow-e visualization engine uses to create your email workflow.

All data accessed via the access tokens are retrieved programmatically in real time and no copies are stored on our servers. Key rotation and encryption are used to protect your access tokens at rest and ensure they can not be used on their own.

If you have the two-step authentication enabled, your encrypted keys can only be accessed by you and nobody else, even in the unlikely event of a security breach.

How to set up two-step authentication

Set up a Flow-e password

Open the Power-ups panel and click on the “Two-step authentication” power-up switch.

Enter and confirm your password.

Done. You will be asked to log-in again, from now on, the Flow-e password will be required in your log-in process.

Edit, or disable your Flow-e password

Open the Power-ups panel. If you have a Flow-e password set the switch of the “Two-step authentication” power-up will be ‘on’ (green, switched right).

Click on the switch to go to your password management screen where you can edit or disable your password.