Heyoo offers several ways to keep your account and workspace secure. This article covers two-factor authentication (2FA/MFA), enforcing it across your team, and the enterprise options available.
You can secure your personal login with an authenticator app (TOTP), such as Google Authenticator, 1Password, or Authy.
Go to Account, then Settings, then Security, and choose to enable 2FA.
Scan the QR code with your authenticator app and confirm the 6-digit code to finish setup.
Save your backup codes somewhere safe, so you can sign in if you lose your device.
After that, you'll enter a code from your app (or a backup code) when you sign in.
Workspace admins can require every member to use 2FA, under the workspace admin Security settings. To avoid locking yourself out, you must enrol your own 2FA before you can turn on workspace-wide enforcement.
MFA is standard on the Professional plan and can be enabled for the Team and Growth plans on request. Contact support if you'd like it switched on.
On the Professional plan you can connect Heyoo to your identity provider using SAML SSO. Okta, Google Workspace, and Microsoft Entra ID (Azure AD) are supported. SSO can be enforced per email domain. SCIM directory sync can automatically provision and deprovision users from Okta or Azure AD. See the dedicated SAML/SSO guides for step-by-step setup.
You stay signed in for up to 30 days on a device. On shared or public computers, use Log out rather than just closing the browser. A clean log out and log back in also clears the occasional display glitch, for example a profile that appears not to save.