Emergency situation

In case of emergencies or breakdowns, you can send an SMS to our emergency hotline

On-call phone (SMS only)

+45 29 70 15 95

Send an SMS with the following information:

  • Your name and webshop
  • Description of the problem
  • Your callback phone number

Notes: This service is only for critical situations where your webshop is down or has serious problems. For regular support, please use our normal support channels.

All support articles

Login and two-factor authentication (2FA)

Two-factor authentication (2FA) is optional extra security on your Shoporama login. Choose between the Authenticator app or free SMS and secure your admin against intrusion.

Reading time: approx. {eight} minutes
Shopejer

Two-factor authentication (2FA) is an optional extra security on your Shoporama login. You can choose between an Authenticator app or SMS, and you can always turn it off. This article explains how to set up 2FA, what methods are available and what to do if you lose access to your phone.

In short: 2FA is optional in Shoporama. It's not something we force anyone to do. However, we strongly recommend it because it's one of the most effective ways to protect your admin.

What is two-factor authentication?

Two-factor authentication (2FA for short) means that in addition to your password, you also need to verify your login with something you have: typically your cell phone. Even if someone knows or guesses your password, they can't log in without also having your phone.

In Shoporama, you decide if you want to use 2FA on your own user. Each user in the shop controls their own 2FA setup. Therefore, you can have it enabled even if your colleagues don't, and vice versa.

What 2FA methods are there?

Shoporama offers two different methods. You can only have one active at a time per user:

  • Authenticator app (recommended): An app on your phone that generates a new 6-digit code every 30 seconds. Uses the open TOTP standard and works with Google Authenticator, Microsoft Authenticator, Authy, 1Password and similar.
  • SMS: A one-time code is sent to you via SMS every time you log in. Only works with Danish mobile numbers.

Tip: The Authenticator app is more secure than SMS and also works when you're offline or abroad without mobile coverage. SMS, on the other hand, is easier to get started with if you're not used to apps.

Turn on the Authenticator app

Before you get started, you need to install an Authenticator app on your phone. Google Authenticator for Android or Google Authenticator for iPhone are good choices, but you can use whichever app you prefer.

  1. Click on your name in the top right of the admin and select Authenticator.
  2. Click the Activate button.
  3. Open your Authenticator app and scan the QR code on the screen.
  4. Enter the 6-digit code from the app in the field and click Approve activation.

From the next time you log in, you will be prompted for a code from the app after entering your password.

Important: When you turn on the Authenticator app, the Forgot password by email feature is disabled. If you lose both your phone and password, contact support to reset your 2FA.

Turn on SMS authentication

  1. Click on your name in the top right corner of the admin and select 2-step login (or go to /user/sms-auth in your admin).
  2. Check Enable 2-step login.
  3. Enter your Danish mobile number (without country code).
  4. Click Save.

From the next login, we will send a code to your mobile number, which you enter together with your password.

SMS is free: Shoporama pays for the SMS messages itself. You don't need an SMS agreement, a CPSMS account or any other integration. It works instantly as soon as you save your mobile number.

Turn 2FA off again

You can turn 2FA off again at any time as long as you are logged in:

  • Authenticator app: Go to Authenticator in your profile menu and click Disable two-factor.
  • SMS: Go to 2-step login, remove the checkmark and click Save.

If you have lost access to your phone

If you can no longer generate codes (lost phone, new phone without backup, or the app is deleted), please contact us. Write to support@shoporama.dk from the email address associated with your account. We will reset your 2FA and you can log in with your password and set up a new device.

Do all users need 2FA?

It's up to each individual user. Shoporama doesn't force 2FA on anyone, and as an owner, you can't turn on 2FA on behalf of your coworkers. You can only encourage them to do so. We strongly recommend that everyone with admin access enables 2FA, especially if multiple people use the system or if you handle many orders and customer data.

Want to read more about user management? See Create multiple users in your shop and Create security profiles.

Passwords and general security

2FA doesn't replace a good password, it complements it. Shoporama stores passwords encrypted with bcrypt, so even our staff can't see your password. Older accounts are automatically upgraded to the new encryption at the next login.

If you need to change your password, you can go directly to Change password in Shoporama.

Troubleshooting

  • Code is rejected: Check that the clock on your phone is set to automatic time synchronization. Authenticator codes are time-based and even a few seconds off can invalidate the code.
  • SMS does not appear: Check that your mobile number is entered correctly during 2-step login and that it is a Danish number. Also check that your phone has coverage and is not blocking SMS from unknown senders.
  • The QR code will not scan: Hold the phone a little further away from the screen and make sure you have good lighting. Most apps also offer the option to enter the secret manually if scanning fails.
  • Lost both phone and backup: Write to support@shoporama.dk from the email associated with the account and we will reset your 2FA.

Frequently asked questions

Is 2FA required to use Shoporama?

No. 2FA is optional. You can use Shoporama without 2FA, and you can turn it on and off at any time. However, we strongly recommend it for security reasons.

Does it cost anything to use SMS-2FA?

No, it doesn't. Shoporama pays for the SMS messages itself. You don't need an SMS agreement, CPSMS account, or any other integration. The Authenticator app is also free to use.

I've lost my phone. How do I get back in?

Write to support@shoporama.dk from the email associated with your account. We'll manually reset your 2FA so you can log in with your password and set up a new device.

Can I force my colleagues to use 2FA?

No, you can't. Each user controls their own 2FA. As the owner, you can encourage everyone to enable it, but you can't enable it on behalf of other users from admin.

Which Authenticator app should I choose?

Shoporama uses the open TOTP standard, so any Authenticator app will work. Google Authenticator, Microsoft Authenticator, Authy, and 1Password are all good choices. Choose the one you prefer or the one your company already uses.

Can I switch to a new phone without losing access?

Yes, you can. Before you throw away your old phone, you can log in to Shoporama, disable 2FA, and turn it back on with your new phone. Many Authenticator apps (e.g. Authy and Google Authenticator with Google Account) can also transfer codes to a new phone on their own.

What happens to "Forgot password" if I enable 2FA?

When you enable 2FA (both Authenticator and SMS), the regular Forgot password feature via email is disabled. This is to prevent anyone from bypassing 2FA simply by accessing your email. If you need to be reset, this is done manually by support.

Does SMS-2FA work abroad?

SMS is sent to Danish mobile numbers. If you are roaming abroad, it usually works fine as long as your phone can receive SMS. If you travel often or have foreign employees, the Authenticator app is a better choice because it also works without mobile coverage.

Is just using a good password secure enough?

A strong, unique password is a good starting point, but unfortunately, passwords leak from other services all the time. 2FA is the best defense against a leaked password being used to log in to your shop. We recommend it for owners, bookkeepers, order processors and anyone else with admin access.

If you have any questions or need help setting it up, write to support@shoporama.dk and we'll be happy to help.

Related articles

Change your password in Shoporama

How to change your Shoporama admin password. Step-by-step guide and tips for a secure password.

Create security profiles

Guide to creating security profiles for products in Shoporama according to EU regulations.

Create more users in your shop

Guide to creating multiple user logins for your Shoporama admin.

Remove a user from your shop

Guide to removing a user from your business in Shoporama admin.

Related features

🔒

Two-factor login - extra security for your webshop

Protect your online store with two-factor login. Easy to set up with Google Authenticator, Authy or other TOTP apps.
🧑‍💻

More users

Create unlimited users in your Shoporama online store for free. Access control, personalized settings and easy creation.