What is Two-Factor Authentication (2FA)?
You've probably encountered Two-Factor authentication already in other areas, such as PIN numbers for credit and debit transactions.
In short, it is a method by which two (or more) pieces of identification are required to access an online account or portal.
Those two pieces of information are often a password and an access code generated by an authenticator or received via SMS or email.
Why use Two-Factor Authentication?
Millions worldwide have been affected by data leaks and identity theft. While no set of security protocols can be completely foolproof,
protocols such as 2FA help make your account less attractive to potential hackers, much like security cameras or alarm systems are for a house.
2FA offers additional layer of security for users concerned about access to their account. Moreover, in the event that your account is targeted,
it will become much more difficult for a malicious actor to access.
What are the pros of 2FA?
2FA has a number of significant advantages as a security measure. They include:
-
It's easy to set up. You can enable any of the methods we maintain within a matter of minutes.
-
There's no cost related to setting it up. We offer 2FA as a protection option for all accounts in our system.
-
It offers peace of mind. In addition to deterring possible hackers from targeting your account, it also makes it very difficult for any hacking attempt to succeed.
What are the cons of 2FA?
There are some drawbacks of 2FA, but they're insignificant compared to the pros mentioned above:
-
Your login will be slower. When initially logging in, it will take some additional time to retrieve the authentication code.
-
There may be some comapatibility issues with certain methods, particularly if you change your phone number or use a different device. However, we offer several methods
outlined below that you can customize to suit your needs.
How can I use your 2FA system?
Enabling the system is quite easy; simply change the 2FA settings of your account from None to any of the following methods:
-
Phone/SMS - Receive a verification code to the phone number on file.
-
App Authenticator - Use an authenticator app such as Google Authenticator, Microsoft Authenticator or Twilio Authy to obtain your verification code.
-
Email - Receive your verification code to the email address on file.
When you select any of the above methods, you will be prompted to complete the indicated method once as part of the initialization process. Once complete, it will challenge any attempted login from an untrusted source as long as it is active.
Does this have to be done every time I login?
No. We have a system in place to save Trusted Devices to your account based on device, browser and IP address. If you access a new device and wish to
add it to your list of Trusted Devices, you will be prompted to do so upon completing the verification once. Once added to the list, it will remain for 30
days, renewed for another 30 days upon login from that device.
Is there anything else I can do to secure my account?
If it has been some time since you have updated your password, it may be prudent to update your password and take the opportunity to use a stronger password.
Use a combination of upper and lowercase letters and numbers and special characters to make your password more difficult to guess. Also avoid reusing your passwords.