This feature is available on all Goodshuffle Pro Plans.
Your Goodshuffle Pro account holds client contracts, payment records, and business data. A few simple habits make it significantly harder for anyone to break in.
Your Security Checklist
Action | Why it matters |
☐ Enable 2FA with an authenticator app | Even if someone gets your password, they can't log in without your phone |
☐ Use a unique, randomized password | Short or reused passwords are easy targets |
☐ Use a password manager | Lets you use strong passwords without memorizing them |
☐ Save your recovery code offline | Your lifeline if you ever lose your phone |
☐ Give each team member their own login | Shared logins break 2FA and create security gaps |
☐ Require 2FA for your whole team (Account Owners) | Protects your business even when employees change |
☐ Only trust personal devices for 30 days | Never check "Trust this device" on a shared or public computer |
To learn more about why 2FA is so important, check out this article.
Enable 2FA
2FA is the single most effective security step you can take. Once enabled, every login requires a temporary code from your phone in addition to your password.
Go to Account → Security → Enroll in 2FA
Download Google Authenticator (Android download or Apple iPhone download) or Authy on your phone first
Save your recovery code in a secure, offline location
If your business has processed $50,000 or more in online payments, 2FA is required for Account Owners and Admins and cannot be turned off.
Refer to this help article for specific instructions and video walkthroughs.
Use a Password Manager
A secure password is one you can't remember — long, random, and unique to each site. A password manager handles this for you. The Goodshuffle team uses 1Password, which also offers shared team vaults.
⚠️ Never reuse passwords across sites
If one site is breached, all accounts with the same password become vulnerable.
Protect Your Recovery Code
Your recovery code is a one-time-use backup that gets you into your account if you lose access to your phone.
Do store it in a password-protected note or encrypted file on your personal computer
Don't store it in your password manager — if the manager is compromised, so is your backup
Don't store it in email — email accounts are frequent targets
Give Every Team Member Their Own Login
Sharing a login creates a chain reaction: when one person enables 2FA, everyone trying to use that login gets locked out. Individual logins also give you an audit trail so you'll know who made changes in the account.
As an Account Owner, you can invite teammates and assign roles from Account Settings → Team Management.
2-Factor Authentication, also known as 2FA, is an added layer of protection that can be used to ensure the security of your Goodshuffle Pro account—over and above that of your username and password. It requires an extra form of authentication (such as a randomly generated number or backup code) to log in. To learn more about why 2FA is so important, check out this article.
Are you the account owner and want to require your team to enroll in 2FA? Click here.
Want to stay logged in for 30 days on your computer without entering your 2FA code? Click here.
Need Additional Support? Click the blue chat bubble in the bottom corner of your screen to message our support team—we’re happy to help!