If you have received a password reset email and/or email verification email from Lightspeed that you did not request, your Retail POS may be compromised. If you suspect that someone else might be using your Retail POS account without your permission, here are the steps to secure your Retail POS account.
Step 1: Change your Retail POS password
To prevent your Retail POS account from being further compromised or accessed without your permission, we strongly recommend changing your account password.
- Never use default passwords
- Do not use the same password for multiple accounts
- Create strong passwords or use passphrases
- Consider using a password manager
- Use multi-factor authentication (see step 2)
To change your password, follow the steps below.
Sign in to your Retail POS account
- Sign in to Retail POS.
- Click Setup then Users and select the user you are changing the password for.
- Scroll to the Security and ID section.
- Under Change Password, enter your new password and again in Repeat new password.
- Click Save changes.
- Enter your current password in the password field and click Save these changes
- If you are changing the password for a user other than the one you're logged into, you will need to enter the password for the user you are logged into.
The password change is now complete.
Can’t sign in to your Retail POS account
If you are unable to gain access to your Retail POS account, complete the steps below to action a password recovery:
- Sign in to Retail POS.
- Click Forgot your password?
- Enter your username.
- Enter your username and click Send email.
- A password reset email will be sent to the registered email address for the username you entered.
- Click Reset password.
- Enter your new password again and Confirm.
- Click Set password.
The password change is now complete.
Didn’t receive your password reset email? Make sure your email is verified. In your email inbox, look for a Verify your email email from us. This would have been sent when you first created your user.
Step 2: Add more security to your Retail POS account
Multi-factor authentication
Multi-factor authentication adds an extra layer of security to your admin user accounts.
When enabled, multi-factor authentication will require the admin user to input their existing password and a one-time password (OTP) generated via an authorized third-party authentication application.
To learn how to set up multi-factor authentication, refer to our Multi-factor authentication (MFA) in Retail POS (X-Series) guide.
Additional security
Download our POS Security guide for more tips on how to secure your store, including:
- Beefing up physical security
- Securing your store network
- Keeping your software and apps in check
- Safeguarding customer data
- Ensuring your staff upholds your security standards
Step 3: Secure associated accounts and software
Now that your Retail POS account is secure, we strongly recommend securing any associated accounts and software.
This includes:
- Change the password for the email your Retail POS account is registered with
- Change the password for app integrations such as Xero and BigCommerce
- Update your device's software to the latest version
- Update your browser to the latest version
If you believe your account has been compromised and you can no longer sign in or use the account recovery function to regain access, contact Retail support immediately to suspend the account and investigate.