In order to enhance account security and protect data, we have introduced the two-factor authentication (2FA) model to log in to VarSome, VarSome Clinical and VarSome Premium.
Two-Factor Authentication required enrollment
As soon as you provide your username (email address) and password which you used to register to VarSome to your SSO (Single sign-on) page (https://sso.varsome.com/app/dashboard)
the next step is to set up Two-Factor Authentication (2FA), which is mandatory for new users, by providing a mobile phone number. You cannot add the same mobile phone number for more than one account.
⚠️ Please note that we do not accept numbers generated through a service that provides temporary telephone numbers. If such a number is used, the following error message will be displayed:
"This mobile phone number does not pass our system's security checks. Please use another number."
After clicking Submit, a text message with a code should have been sent to the provided mobile number. Once you receive the code this has to be given in the next step in order to complete the login.
You can select the option "Remember me for 30 days on this device" in case you do not want to add the code on every login.
You will only need to enter the code received via SMS the first time you authenticate. After that, you will start receiving authentication code via email, although the system may still send some codes via SMS as well. If you do not receive the email or the SMS, please contact support team (support@varsome.com) for assistance.
⚠️ Please note that you cannot alter your current phone number. If you want to change it, you need to contact our support team (support@varsome.com). They will remove your existing number, allowing you to add the new one and reconfirm your account.
Other 2FA methods
It is possible to enable 3 additional authentication methods: receiving the code via email, using an authentication application, or saving backup codes. The email option is automatically enabled after you confirm your account for the first time via SMS. However, if you prefer not to receive the code via email, you can activate one of the other two available methods—either the authenticator app or backup codes. To enable the other methods you have to log in to sso.varsome.com and then to your VarSome account manager page.
To navigate to the same page from inside VarSome Clinical, click on your name at the top right and then on Profile. This will redirect you to your VarSome account manager.
Once logged in to the VarSome account manager, on the top right of the page there is a shield icon.
By clicking on the shield icon you will be able to configure your privacy setting, such as changing passwords, enabling other authentication methods or seeing the API token.
The 2FA via the authenticator app can be used by scanning the QR code or by manually entering to your authenticator app the code available in the Two-Factor Authentication page. You will need to enter the code generated by the app to access the platform.
⚠️Please note that when using the Authenticator App, no SMS will be sent automatically. Instead, you should enter the code provided by the Authenticator App when prompted by VarSome. You may still request an SMS code to be sent by clicking on the "Receive code through SMS" link.
The Two-Factor Authentication via backup codes will generate 3 backup codes that you can use to enter the platform. Those backup codes can be used only once and are meant for situations where the primary device (sms, email or application) is not available.
⚠️ Please note that the backup codes should be used as the last option in case you lose your phone or do not have access to your email or the authenticator app.