In this article:
Keycafe uses a number of protocols to ensure your data is protected. For information on the security measures that Keycafe implements visit our Security page.
A Note About Security and Key Management
While Keycafe takes steps to secure its software and hardware platforms, key management depends on customers to use the service properly, minimize error, and maintain vigilance. Nonetheless, it comes with risks. Keycafe SmartBoxes are not designed for maximum physical security. SmartBoxes in some rare cases have been targeted and thus should always be kept in a secure and monitored environment. Any keys you drop off should never be labeled with identifying address information. Even if you meet all of our recommended security guidelines, there are nonetheless inherent risks and those who will target the Keycafe service. Please see the Keycafe Terms for more information.
Organization-Level Security
These security settings affect all users within your organization.
User Key Pickups 2FA
This setting allows you to enforce an extra layer of security during the pickup of keys within your organization. By enabling this feature, when a key pickup is attempted using a phone number or access code, a two-factor authentication code must be inputted into the SmartBox to complete the pickup.
This feature is on 2FA via SMS by default. By having this enabled you require any user using a phone number or access code to be sent a two-factor authentication code via SMS.
Alternatively, you can select 4 Digit PINs which will allow users to set a personal identification number they can enter instead of receiving a new code each time via SMS.
Note that this setting does not apply to key pickups done using a booking code, URL link, or Keycafe's iOS and Android applications which already have additional authentication layers.
Account-Level Security
These settings affect only your account when it comes to login credentials and key pickups and drop offs.
My Login 2FA
This setting requires the entry of a unique code that is sent to your mobile phone when you log in from any device. This setting is on by default to add further protection to your Keycafe account.
To control this security feature:
- Click the user dropdown at the top near the right side and select My Account.
- Select Security.
- Toggle the My Login 2FA setting to enable or disable the requirement. We recommend that you keep this setting on.
My Key Pickups 2FA
Toggle it on to require anyone using your mobile number or access code to also input a two-factor authentication code sent via SMS message to your mobile number.
Setting Your PIN
If the owner of the keys you are using has enabled 4 Digit PINs, you can set up your own PIN.
- Click the user dropdown at the top near the right side and select My Account.
- Select Security.
- In the Key Exchange section, enter a 4 Digit PIN and select Update.
Security Recommendation
Please note that for security purposes, we always recommend to keep two-factor authentication settings enabled. Turning off two-factor authentication for your key exchanges means that anyone who knows your mobile phone number or your visitor's mobile number will have access to your keys.
Resetting Your Password
If you have forgotten your password and cannot log into your Keycafe account, proceed with the following steps.
- Select Login from the top menu on the Keycafe homepage.
- Enter your account's email address.
- Select Forgot Password?
- Check your account's associated email address for an email with a password reset link.
Don't Have Access to Your Email?
If you do not have access to your account's original email address, contact our support team for help.
Changing Your Password
Strong Passwords
We recommend that users always use a unique password that is comprised of numbers, letters (lowercase and capital) and symbols. Our minimum requirement is a password of at least 8 characters with at least one letter and one number.
- Click the user dropdown at the top near the right side and select My Account.
- Select Security.
- In the Change Password section, enter your current password along with the new password.
- Select Confirm to save the change.
The next time you log into Keycafe, an SMS message with an authentication code will be sent to your mobile number. Type this code into the provided prompt.