Enable 2 Factor Authentication for Fitbit account.

I got my account compromised very recently and I found out that Fitbit does not support 2 factor authentication. Please implement 2 factor authentication (either via text message or the authenticator app) so that we can secure our accounts better.

41 Comments
Status changed to: Under Consideration
LizFitbit
Premium User
Fitbit Moderator

Hi @Toish and thanks for sharing this suggestion, which has received votes from other community members. I’m happy to let you know that this suggestion has been picked up internally at Fitbit and is being considered by our team. This suggestion will either remain ‘Under Consideration’ until released, or else move to ‘Not Currently Planned’ if it’s not viable right now. Further updates will be posted here.

 

Please remember that if a suggestion is chosen for development, it can take some time before updates are available or a release is finalized, so thanks in advance for your patience. To learn more about how Fitbit decides which suggestions get developed, visit our FAQs. Fans can continue to vote for this feature suggestion while it is under consideration.

Sky621
First Steps
When you log in to your account, you get an SMS with a code you need to type to confirm that you are the one logging in to the account on a new device.
YojanaFitbit
Moderator Alum

Hi @Sky621, thanks for explaining why you would like to have the option to see an SMS code to confirm you're logging in to your Fitbit account. I've moved it into a similar suggestion which has been updated as "Under Consideration". You can learn more about it here. Keep adding these suggestions.

trich101
First Steps
I have seen other topics related to this and there certainly seems to be some appetite for it. Allowing my Versa 2, and other models, to receive and reply to push notifications for MFA or two-factor will be greatly appreciated.
YojanaFitbit
Moderator Alum

Hi @trich101, thanks for explaining why you would like to have the option to enable 2 Factor Authentication for the Fitbit app. I've moved it into a similar suggestion which has been updated as "Under Consideration". You can learn more about it here. I hope to see you around.

Hi

I'm not sure that I understand why users of the Fitbit services need to vote for a de facto standard technical control like 2-factor authentication (2FA)!

Implementation of 2FA should be considered Data Protection by Design and Default and would normally be required as part of the risk assessment of your services. Not to have this shows a clear sign of lack of control and understanding (see OWASP Top 10).

From a legal point of view related to EU GDPR and your processing of your European customers' data, you might also want to reconsider. Many Data Protection Authorities think that 2FA is a requirement for processing health information (art. 9) and a breach of your service would come with a great fine.

 

So... yes I will vote for this 2FA being implemented, but I suggest you change your approach towards change management and data protection. 2FA should be a no-brainer in 2020 with the type of data you are processing and with your risk picture.

 

Regards

Jesper

JFD70
Jogger

With all the personal information you hold it's unacceptable that you don't have 2FA. When is it coming?

tripwalks
Jogger

We are rooting for you, Fitbit! We are all rooting for you! When my mother yells at me like this it’s because we love you! Imagine how much Google would be more down to buy you guys? Think about it? Create it and this could be the Google 2FA competitor to Apple Watch!

Related to above and Google

 

2FA would also make Google's Fitbit due diligence look way better related to GDPR art. 32 🙂

 

Kevin1313
Base Runner

How is this not a standard feature? I'm blown away. Fitbit will know more about a given person than their own doctors or family members. Put 2FA on the account already - it is unacceptable to not have this in some shape or form. I personally won't use Fitbit extensively until they show they care about protecting my data.

 

We need 2FA Support using code based authenticator apps (Google Authenticator, Authy, etc). A temporary, stop-gap measure for this huge feature gap would be SMS based 2 step/factor authentication.

 

Pretty soon, more of us will vote with our feet. It's extremely unsettling to have the massive amounts of personal data that is stored in Fitbit protected by a single password.

eduardoseiji
First Steps

I'm also blown away 2FA is not present. This is not even a feature, this is mandatory for a company that sells products that track our data basically 24/7/365. In a few months, a person with unauthorized access to my account would know where I go for a run, infer the hours I'm at home, know exactly when I'm sleeping, what I eat and other information that can be used to threaten my life.

 

I just bought a Fitbit device and this is a flaw that weighs heavily on my final decision to keep this product or return it to the store.

SimonPlayzYT
Recovery Runner

I agree with this. There is some sensitive data that you probably don’t want people seeing?

dayspringacres
First Steps

My email was changed to paul dot grigorij at aol dot com

This means my account was hacked and he had access to my location and other private data. I managed to save my account and have since then changed the password, but I really REALLY need the two factor authentication. Why in the world was it not started in this day and age, I don't know. I have this application only because my health benefits are hinged to using this app. Anyway, 10 votes for this option. Please!

 

Moderator Edit: Formatting

squirrelwrath66
First Steps

2FA should be implemented ASAP. Passwords are not a secure enough method of account security. Please allow 2FA support. 

Status changed to: Released
LizzyFitbit
Premium User
Fitbit Moderator

Hi everyone, and thanks for sharing this suggestion. We’re very happy to let you know that this has been released on the Fitbit app, as you can now enable two factor authentication for your Fitbit account. You can find more details here.

 

Thanks to everyone who voted and commented for your enthusiasm which has now materialized for everyone’s benefit. We hope you all enjoy this new addition to the Fitbit product or service!

trich101
First Steps

What Android version is this release on? I am as up-to-date as the Play store has, V3.41(20243562), and when I view account settings, there is not anything for two factor. Thanks for getting this released and I look forward to enabling it.

 

Thanks again
