Articles on: Introduction

Browser authentication for secure login

Additional security layer

Browser authentication for secure login



Introduction


Protecting your data is our top priority.

ChurchDesk already offers two-factor authentication (2FA).

An additional layer of security is our browser authentication.

Users without 2FA enabled will now need to provide additional confirmation of their access by entering a one-time code received via email.


This security layer applies to both the web application and the mobile app, protecting your ChurchDesk account from unauthorised access.


Benefits of browser authentication


  • Additional protection for accounts without 2FA.
  • Automatic detection of suspicious login attempts (new device, new browser, different country, VPN).
  • Simple confirmation via a one-time code sent directly to your registered email address.
  • Works seamlessly on web and mobile.


Contents




Permissions & Roles

When is browser authentication required?


For all users without Two-factor-authentication (2FA) enabled.

Browser authentication applies to all users who have not yet set up two-factor authentication.

The frequency varies depending on the sensitive data to which the user has access.


  1. Users with permission for sensitive data: Will be prompted for browser authentication every time they log in their account. Tip: They can enabled 2FA.
  2. Users without permission for sensitive data: Browser authentication will be triggered in the following situations — both on web and mobile:


Login without permission for sensitive data
  • Via a new browser
  • Via a new device (computer, smartphone, or tablet)
  • Via a VPN connection
  • Login from a different country than the one where your ChurchDesk account is registered. EXAMPLE: A user with a British ChurchDesk account travels to France and logs in there. Upon attempting to log in, they will be prompted to authenticate their browser via an email code.)



How browser authentication works


  1. Log in as usual with your email address and password.
  2. If browser authentication is required, you will be prompted to verify yourself.
  • a) You will automatically receive an email with a unique one-time code at your registered email address.
  • b) If you also use the ChurchDesk app, the verification code for web access can also be sent to your mobile app, provided that push notifications for the ChurchDesk app have been allowed on your smartphone.
  1. Enter the code in the designated field in your browser or mobile app, or confirm your desktop login using your phone.


After successful entry, you will be redirected to ChurchDesk and can work as usual.


The one-time code is only valid for 15 minutes. If the code has expired, you can request a new code via the login process.



Example email:



Example moblie app varification:





Notes & Recommendations


Keep your email address up to date: Ensure that the email address stored in ChurchDesk is correct and that you have access to it. Without access to your inbox, you cannot receive the one-time code.


  • Check your spam folder: If the email with the code does not arrive, please check your spam or junk folder.
  • 2FA as an alternative: With two-factor authentication enabled, the additional browser authentication is not required. This is the most convenient and secure option for regular use.


IMPORTANT! Never share your one-time code with third parties. ChurchDesk employees will never ask you for your login code.

Updated on: 12/05/2026

Was this article helpful?

Share your feedback

Cancel

Thank you!