Two-step authentication - making your site secure

If you only do one thing for your site this week, make it turning on two-step authentication .

The good news - Shopify is very secure. The bad news, people aren't. So what do you do if one of your staff has used a weak password, and someone has guessed or pfished it, and got into your Shopify site? Or a virus on your machine has sent your password to the bad guys?

The first thing to do is DON'T PANIC - running around with your hair on fire is a natural response to that sinking feeling, but will make things worse. Jumping on to an infected machine and changing your password just gives them your new password.


If your account has been compromised, then take action to protect your data right away.


  1. ON A DIFFERENT DEVICE (in case you've got a virus) Log in to the email account that you use to log in to Shopify and change the password.

  2. Run antivirus on any machine you (or your staff) usually use.

  3. Log in to Shopify and change the password for your Shopify account. If you can't log in, then reset your password. If you don't receive a password reset email, then contact Shopify Support.

  4. Enable two-step authentication for extra security at login. If two-step authentication is already configured and an attacker was able to defeat it — for example, they stole your device — then change your device and set up two-step authentication again.

  5. Check your banking details for Shopify Payments and update them if necessary.

  6. Check and update your banking details for PayPal and any other payment providers you have configured. We've seen a hacker change your Paypal account to their Paypal account.

  7. Review your general account settings and preferences to make sure all other information is correct. Also check your site for links to external sites.

  8. Follow government guides to protect your identity and sensitive information.

Also in eChic Blog - building your business

Scam Emails - what to look out for
Scam Emails - what to look out for

Scam emails - what to look out for
Read More
Adding Facebook Pixel on your website
Adding Facebook Pixel on your website

Have you connected the new Facebook Sales Channel in shopify yet?  If so, you have now activated the Facebook, Instagram shopping as well as the Facebook Ad Marketing.    What about the Facebook Pixel?  Have you added or created a Facebook pixel for your website?    Is your Facebook Pixel working correctly? 

The Facebook pixel once added to your website not only measures the effectiveness of advertising, tracks customers actions on your store but will help drive more sales. 
Read More
OneSaas Xero users - you may need a new app
OneSaas Xero users - you may need a new app

Thanks to Ben and the team at  for the heads up -
OneSaas has been acquired by Intuit, maker of QuickBooks Financial Management Software. Which means if you are using OneSaas to hook up to XERO, you've now got to find a new app.

Which app to use will depend on what else you are hooking up to, but watch this space.
Read More