This page provides a Q&A on security measures to prevent unauthorized login, based on frequently asked questions from users. These measures can help prevent issues such as account takeovers.
Table of Contents
- How can I check if my account has been accessed without authorization?
- Is there anything users need to do?
- Can an administrator set up two-factor authentication for users under their management?
- What kind of damage could occur if an unauthorized login happens?
- If two-factor authentication is already set up, do I need to set it up again?
- What security enhancements will Chatwork implement going forward?
- I cannot log in after setting up two-factor authentication.
How can I check if my account has been accessed without authorization?
If a login occurs from an environment you do not usually use, we will send a login notification email to your registered email address.
Reference: What is a Login Notification Email?
If you receive a login notification email for a login you do not recognize, it may indicate unauthorized access by a third party. Please refer to the page below and take appropriate action.
What is an “Update your password to help keep your account secure” email
If we detect suspected unauthorized access, we will also contact you individually by email.
Is there anything users need to do?
Please make sure to change your password and enable two-factor authentication.
If you use the same email address and password across multiple services—including Chatwork—or if your password is easy to guess, the risk of unauthorized access increases. Please change your passwords so that each service uses a different password.
Two-factor authentication is a recommended feature that enhances security by requiring, in addition to your password, an authentication code linked to your smartphone when logging in.
* If you have already set up two-factor authentication, no additional setup is required.
If you are an administrator, please also consider issuing guidance and implementing appropriate measures for users under your management in accordance with your organization’s security policies.
Can an administrator set up two-factor authentication for users under their management?
No. Users must set it up themselves.
However, administrators and user administrators can check whether users under their management have enabled two-factor authentication from the user list. For details, please refer to the page below.
CSV export of user list (user information, usage status, 2-stage authentication settings status)
What kind of damage could occur if an unauthorized login happens?
If an unauthorized login occurs, the person who accessed the account may be able to view message data exchanged on Chatwork. However, registered credit card information cannot be obtained.
If two-factor authentication is already set up, do I need to set it up again?
No. If it has already been set up, there is no need to configure it again.
What security enhancements will Chatwork implement going forward?
Disclosing details such as characteristics of login attempts or attacker information could allow attackers to alter their methods and make it more difficult for us to respond. For this reason, such details are not disclosed at this time. When login attempts that appear to be unauthorized access are detected, we will block them accordingly. In cases where unauthorized access is suspected, we may also notify users by email. We will continue to strengthen our security measures.
I cannot log in after setting up two-factor authentication
Please refer to the page below.
If the issue persists, please contact us using the inquiry form at the bottom of the page.
Cannot Log in Using Two-factor Authentication (for both app authentication and SMS authentication)