Exchange: Security Alert — 2FA and Phishing
2FA Enforcement
Starting Friday, Oct 10, ServeManager logins will require Two-Factor Authentication via email (2FA). There’s no setup required — it will automatically apply to all accounts. Users will simply log in as usual, and 2FA will now be enforced behind the scenes for added protection.
What to expect:
- When users log in, you’ll now be asked to check your email for a verification code before accessing your account.
- The code arrives instantly and only takes a few extra seconds to enter.
- This applies to all users and should not have to performed again for a while. (The time frame for refreshing the 2FA is being determined.)
- A email will be sent out to you beforehand – giving you a heads up.
Phishing Warning
Please be advised (and alert any agents/servers in your account):
- Do NOT click any unexpected “verify your account” or “2FA setup” links.
- ServeManager will never email, message, or call asking for passwords or 2FA codes.
- Double-check sender addresses and browser URLs — attackers may spoof domains like servemanager.co or support-servemanager.com.
- If it seems you need to login, please verify you are logging in at servemanager.com in your browser.
- Updated May 11, 2026
Related Articles
- Exchange: As a contractor, what are my obligations to the Exchange?
- Exchange: How to Download the ServeManager App
- Exchange: Minimum Device Requirements for ServeManager App
- Exchange: Mandatory ServeManager Mobile App Usage
- Exchange: How to Log Attempts in the ServeManager App
- Exchange: Troubleshooting the ServeManager App
- Exchange: How to Set Up an Electronic Signature