Why did I receive the code by email?
You have received a verification code by email from our login system if:
- you have logged in yourself. Then, the rest of this article is purely informative for you.
- unauthorized parties have come into possession of your login data. Do not share the verification code under any circumstances and change your password as soon as possible!
It regularly happens that login credentials are stolen from large companies such as Dropbox, Adobe, eBay or through vulnerabilities in well-known blog or forum software as well as through poorly configured servers of smaller websites. Should you use different passwords for each login, the effects are usually limited to unsolicited spam and phishing mails for the respective email address.
To increase the security of your account and data, we apply two-factor authentication, either by email or security key. Even if you have reused your password in Pertuniti, the verification code by email makes it much more difficult for attackers to access your account: they must get the code from you or through your email inbox. We will never ask for it by phone or email. Without your physical security key or the verification code by email, unauthorized people will not be able to log in.
I have shared the verification code. What should I do?
- Change your password in Pertuniti immediately. If you do not have access, use the “Forgot password” function when logging in.
- Log out all accesses and API accesses in Pertuniti. You can find this function after login in the settings under “Security” and “Log out account completely and remove API token”.
- Log in again, check “My Organization” settings for unexpected new members or invitations. Delete invitations and disable unexpected members.
- Restore the security of your email account.
- Inform us now via support@pertuniti.de. Steps 1-3 will most likely already lock out unauthorized persons. Together, we can determine if and what happened.
This way, your API tokens have been removed. If you have implemented automations via API tokens through your account, they will no longer work until you have generated a new API token and entered it in the respective system.
Email account security
The security of your account data in Pertuniti depends on your email account not being compromised, as you can use your email address to reset your password and get a verification code to log in.
If you suspect that your password for your e-mail account has become public, change it immediately. Preferably, choose two-factor authentication for your e-mail account as well, e.g. via app or security key. Assume that all accesses linked to your email account are compromised and change passwords for other platforms.
Pertuniti account security
If you want to enforce a higher level of security, contact us via support@pertuniti.de. We can disable email verification for your account and require the use of security keys. To do this, we should also individually specify verification options for logging in despite lost security keys. There may be a monthly charge for these measures, depending on the level of detail and the amount of work involved.