How to keep your MyCommittee account safe and secure?

Here are some tips on how you can help keep your MyCommittee account safe, make it easier to recover, and strengthen it against attacks.

At MyCommittee, the security of your data and the protection of your privacy is our number one priority. MyCommittee employs a wide array of security techniques and practices that are an integral part of our day-to-day development and operating processes.

On top of that, there are a few simple things you can do yourself to make sure your account is protected in the best possible way.

Username and password

The default way to sign in to MyCommittee is by entering your username (email address) and your password. If you created a unique and complex password at the time you signed up with MyCommittee, you are already on the right track.

Using the same password for different online accounts is strongly discouraged. It is easy for hackers to find leaked password lists and use these to try accessing different accounts. Also, don’t make your password easy to guess. Ideally, use a password generator to create a random and complex password and create a different one for each online account.

Most browsers can create and remember strong and unique passwords for you. If you use several different and unrelated devices to go online, a dedicated password manager app (like LastPass, Dashlane, 1Password, etc.) might be a more convenient and secure way to retrieve your stored passwords across all your devices.


“A good password is too hard to remember.”
You will need a browser or password manager to do that for you.


So, you created a long, complex and unique password to login to MyCommittee and chances that someone can guess this are minimal. Still, hackers are smart and there is always a small chance that someone can figure out a way to retrieve or intercept your password and could gain access to your personal data. To make this even less likely, MyCommittee supports 'Two-step verification'.

Two-step verification

Two-step verification adds an extra layer of security to your account. To make sure it is really you trying to login, MyCommittee can add a second verification step and will ask for a security code that only you can retrieve on 'your' mobile device.

Two-step verification

When you sign up for two-step verification, you can choose to retrieve the security code by text message or authenticator app. You need to enter both your password and the security code to login. Just knowing your password isn’t enough.

Each time you login on a new device, MyCommittee will ask for a security code. At the time of login, you can mark your device as trusted so next time, you won’t have to enter the code. It’s easy to setup, and basically you need to enter the code only once on each device you use to sign in to MyCommittee.

Unless we really need to make sure it is you, MyCommittee will not ask for the security code again on your trusted devices.

We don't enforce the use of two-step verification but highly recommend all users to enable it and not only for MyCommittee but for all apps that you use and support this feature. It is one of the best ways to protect your online accounts and is really easy to setup and use.


“Enabling two-step verification is the best action users can take to protect their account and their organization's information.”


We encourage organizations to request all their members to enable two-step verification in order to add this extra layer of protection organization wide. To assist in implementing this, organization administrators can download a report that shows the two-step verification status for all members of the organization.

If you ever lose your phone, we recommend to immediately change your password and enable two-step verification again from your new device.

Social login

If you don't want to create a local account with MyCommittee, you can use your existing Facebook or Google account to login at MyCommittee. In this case, MyCommittee trusts the selected service to verify your credentials and, after successful authentication, receives your identity information. MyCommittee only receives your name and email address and will not further interact with the service.

Social login

When you sign up with MyCommittee using your Facebook or Google account, we don’t collect or store your password and therefor, you won’t need (or be able) to use the ‘Forgot’ or ‘Reset’ password features.

Some workplaces, schools, libraries, etc. can prevent access to some social services. If you don’t always have access to your preferred social login service, you can add a local account any time on your profile page. The opposite works as well. If you have a local account, you can always add or remove a social login as well.

Note: If you prefer to use a social login instead of a local account, remember to enable two-step verification on the service your are using.

Recovery phone

A recent security feature in MyCommittee is the recovery phone. After you setup a recovery phone, we can send a security code to this phone when you are accidentally locked out or forgot your password. Emails can get lost in spam folders and receiving a text message to reset your password is super quick and easy.

security code

When you setup two-step verification with text messages, we will automatically use this phone as a recovery phone, but you can setup a recovery phone independent from two-step verification as well.

We highly recommend to double check your profile and make sure your recovery phone is setup.

Tips

MyCommittee will never ask for your password via email so never reply to any email asking for personal information, even if it seems to be from MyCommittee.

Keep your devices safe. If you ever lose a device that you previously used to login to MyCommittee, reset your password immediately.

...
Dirk Op de Beeck

MyCommittee blog

Here’s what we've been up to recently.