Overview
Safeguarding your account is our top priority. To protect your brokerage and client data, we are requiring two-factor authentication (2FA) for all users. This added layer of security ensures that even if your password is compromised, your account remains protected.
Setting up 2FA is a simple process, and we've outlined the steps below to guide you through it.
What is Two-step authentication?
Two-step authentication (2FA) is an extra layer of security for your BoldTrail BackOffice account. This security measure ensures that you're the only one who can access your account, better protecting both your brokerage and your client's private information. Instead of only entering a password to log in, you’ll also enter an authentication code received via SMS or phone call on your device.
How to set up Two-step authentication (2FA)?
When prompted, you need to enter a mobile phone number and select whether you want to get the code via SMS or voice message.
Next, enter a verification code and click Confirm.
All set! You've secured your account with Two-step authentication.
Each time a user logs in to BoldTrail BackOffice, they will be prompted to enter a unique token sent to their mobile phone number.
After a successful login, the system will remember the device for the next 10 days.
When are users prompted to enter their 2FA credentials?
When 2FA is enabled, users are required to enter 2FA credentials each time a username/password login is necessary. This includes instances such as initial log-in, logging in from a new device, after signing out, or when the browser cache has been cleared.
In accounts with Payments enabled, users will be prompted to re-enter a 2FA code every 60 minutes while performing higher-risk actions, even on remembered devices. These actions include:
Paying an agent (Admins)
Invoicing an agent (Admins)
Changing the bank account linked to their brokerage account (Admins)
Changing the bank account linked to their user account (Users)
Changing email address (All)
Changing password (All)
How to recover access to my account?
You should contact BoldTrail BackOffice Support for assistance in recovering your account.
Why am I not receiving SMS messages?
Make sure your device can receive short messages and check that the number 22395 is not on your blocked list.
If you're traveling internationally, you may encounter issues receiving SMS for two-factor authentication (2FA). Before your trip, contact your carrier to verify you can receive SMS messages while abroad.
Frequently Asked Questions
Do all users need 2FA or just certain roles?
All users (admins, agents, TCs, everyone else) must use 2FA when signing in to BoldTrail BackOffice.
How often will I be prompted for 2FA?
On login, unless you’re on a remembered device (remembered for 10 days). If your brokerage has Payments enabled, you’ll be asked to re-enter a code every 60 minutes while performing higher-risk actions (like paying/invoicing agents, changing bank info, email, or password).
What if my device is lost, stolen, or unavailable?
Contact BoldTrail BackOffice Support; we’ll verify your identity and may temporarily suspend 2FA for troubleshooting, then require you to re-enable it immediately.
Can multiple people share the same login?
For security reasons, account sharing is not recommended. Each user should have their own login credentials and 2FA setup. Sharing logins can result in login failures and security risks.
Why can’t I disable 2FA?
2FA is required for all accounts. Users and admins can’t turn it off. In rare cases, Support may temporarily suspend 2FA to resolve a specific issue after identity verification.
Are there exceptions for MLS or other systems that don’t require 2FA?
No. 2FA is a BoldTrail BackOffice requirement to protect client and transaction data.
How do new users set up 2FA?
Add them as usual. On their first login, they’ll enter a mobile number and verify via SMS or voice call.