What is Login & Security Settings?
Digitail gives you and your clinic several tools to control who can access the platform and how. These settings help protect sensitive client and patient data from unauthorized access.
How This Helps Your Daily Work
Role | How it helps |
All staff | Enable personal 2FA for stronger account security, generate a PIN for faster login inside the clinic, and update your password when needed. |
Practice managers | Control clinic-wide 2FA, restrict logins to specific IP addresses, and manage per-user whitelist exceptions - all from one place. |
Where to find it
Security settings live in two places depending on what you want to configure:
My Profile - for personal settings: your individual 2FA (TypingDNA), your Access PIN, and your password. Go to your profile photo in the top-right corner and select My Profile.
Clinic Preferences - for clinic-wide settings: email 2FA, IP whitelists, and PIN login. Go to Settings → Clinic Preferences.
How to manage your security settings
Enable clinic-wide Two-Factor Authentication (2FA) via email
By default, 2FA is enabled for all users in your clinic. When a user logs in from an IP address that Digitail doesn't recognize, they receive a 6-digit verification code to their email. They enter that code to complete login.
The code expires after 5 minutes, so make sure all users have a valid email address on their profile.
To manage this setting:
Go to Settings → Clinic Preferences
Find the Two-Factor Authentication toggle
Enable or disable it as needed
Click Save
Disabling 2FA applies to the entire clinic and all staff members - not just your own account. We strongly recommend keeping it enabled.
Enable individual Two-Factor Authentication with TypingDNA
In addition to the clinic-wide email 2FA, each user can enable their own personal 2FA through TypingDNA. When enabled, you'll be asked to verify your identity via TypingDNA on every login - regardless of the IP address you're logging in from.
This gives you an extra layer of protection on top of the clinic default.
To enable it:
Click your profile photo in the top-right corner and select My Profile
Inside Options section, check Enable two-factor authentication with TypingDNA
Click Save
Log out and log back in - you'll go through the TypingDNA verification on your next login
Set up IP Whitelists to restrict access
IP Whitelists let you limit platform access to specific network locations - for example, allowing logins only from inside the clinic. Staff who try to log in from an unapproved IP will be blocked.
Before you start, check whether your clinic's internet connection uses a static IP (stays the same - ideal for whitelisting) or a dynamic IP (changes over time - could lock you out if it changes). Contact your internet provider if you're not sure. You can also find your current IP at whatismyipaddress.com.
To set up whitelisting:
Go to Settings → Clinic Preferences
Find the IP Whitelist section and add your clinic's IP address(es)
You can add individual IPs or a range - no need to list every device separately
Click Save
⚠️ If your IP changes after whitelisting is enabled and you get locked out, a clinic administrator can still log in using their email 2FA code, which bypasses the IP restriction. Once in, they can update the whitelist or disable it.
Generate your Access PIN
When IP Whitelists are active, users can log in with a PIN instead of their full email and password - as long as they're on an approved IP. This makes the login process faster inside the clinic.
To generate your PIN:
Go to My Profile
Scroll to the Access PIN section
Click Generate to create your PIN
Store it somewhere safe - it's only displayed once. You can regenerate a new PIN at any time.
📌 Your PIN only works from whitelisted IP addresses. It won't work as a login method if IP Whitelisting isn't enabled for your clinic.
Other Things You Can Do
Disable IP Whitelisting for specific users
If most staff should be restricted to the clinic network but certain users - like vets who work remotely - need broader access, you can create per-user exceptions.
Go to the Team page in admin settings
Open the staff member's profile
Scroll to Options and check Disable IP Whitelist
Click Save
That user can now log in from any IP using their password. They can still use their PIN when on a whitelisted IP.
Password requirements and annual renewal
Digitail enforces a minimum password standard for all users:
At least 8 characters
At least 1 number
At least 1 special character
Passwords expire every 12 months. You'll receive a reminder 2 weeks before your password expires.
If you don't update it before the expiry date, you'll be prompted to set a new one on your next login - and you won't be able to access any other page until you do.
Tips & Best Practices
Keep all user email addresses up to date in their profiles - email 2FA won't work if the address is missing or wrong.
Use a static IP for your clinic's internet connection if possible. Dynamic IPs can change and lock out your whole team if the whitelist isn't updated in time.
Encourage all staff to generate a PIN once IP Whitelisting is set up - it makes day-to-day login noticeably faster.
If you're a vet who works across multiple locations or from home, ask your Practice Manager to disable the IP Whitelist on your profile so you're not blocked.
Don't share your PIN. Unlike a password, it's short enough that someone nearby could observe and memorize it.
Enable TypingDNA 2FA on your personal profile if you want an extra layer of security on top of the clinic-wide setting.
Common Questions
Why did I receive a 2FA code by email even though I've logged in before?
The email 2FA code is triggered when Digitail detects a login from an IP address it doesn't recognize. This can happen if you're logging in from a new device, a different network, or if your IP address has changed. It's not triggered on every login - only when the IP is new.
I didn't receive the 2FA code in my email. What should I do?
Check your spam or junk folder first. If it's not there, make sure your email address is correct on your My Profile page. The code expires after 5 minutes, so if too much time has passed, try logging in again to request a new one.
My clinic enabled IP Whitelisting and now I can't log in from home. What do I do?
Ask your Practice Manager to disable the IP Whitelist on your user profile - this gives you an exception so you can log in from any IP. They can do this from the Team page in admin settings.
Can I use my PIN to log in from home?
No - the PIN only works from IP addresses that are on your clinic's whitelist. From any other location, you'll need to use your email and password.
What happens if my clinic's IP address changes after whitelisting is set up?
Everyone except clinic administrators will be locked out. An administrator can still log in using the email 2FA code, which bypasses the IP restriction. Once in, they can update the whitelist with the new IP address.
Why can't I see the TypingDNA 2FA option in my profile?
The Enable two-factor authentication with TypingDNA toggle appears in the Options section of My Profile. If you don't see it, check that you're on the Profile tab (not Availability or Notifications) and scroll down to the Options section.
My password just expired. Can I reset it without logging in?
Yes - if you can't log in because your password has expired, use the Forgot Password link on the login page. Enter your email address, and you'll receive a reset link. Follow the link to set a new password that meets the minimum requirements, then log in as usual.