Two-factor authentication (2FA) is a security measure that adds an extra layer of protection to user accounts or systems. With 2FA, users are required to provide two different forms of identification or authentication factors to verify their identity.
When 2FA is enabled, the user needs to provide both the password and the additional authentication factor to gain access to their account or system. This adds an extra level of security, as even if someone obtains the password, they would still need the second factor to log in successfully.
2FA helps protect against various security threats like password theft, phishing attacks, and unauthorized access. It has become a widely adopted security practice for online accounts, banking services, email providers, and other sensitive systems.
How to Enable 2FA?
Go to myaccount and then go to Settings -> Security.
There, you will see an Enable button. Click it to enable 2-factor authentication.
After clicking the Enable button, you will see the options that are available. You can choose any of them to enable 2FA.
To enable text-based authentication, select the text-based authentication option and click the Enable button.
After you click Enable, a verification code is sent to the registered mobile number. Enter the verification code and click the Confirm button.
After you click the Confirm button, 2FA is enabled and a pop-up with backup codes appears. Save the backup codes, as you can use them later to log in, but remember that each backup code can be used only once. You can download the backup codes by clicking the Download button.
To disable text-based authentication, click the Disable button.
After you click the Disable button, a pop-up appears. Click the Disable button in the pop-up to disable the 2FA feature.
TOTP Based 2-Factor Authentication
TOTP stands for Time-Based One-Time Password. TOTP-based 2FA (Two-Factor Authentication) is a security mechanism that uses time-based OTPs to provide an additional layer of authentication for user accounts.
In TOTP-based 2FA, a shared secret key is generated and securely stored on both the server side and the user’s device or application. This shared secret is used to generate a unique OTP at regular time intervals, typically every 30 seconds.
When a user attempts to log in, they are prompted to enter their username and password as the first factor of authentication. The second factor is the OTP generated by their TOTP-based authentication application.
Popular applications that implement TOTP-based 2FA include Google Authenticator, Microsoft Authenticator, and Authy.
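The computation described above, as an added example (not code from this page or from the myaccount service): both sides derive the code from the shared secret and the current 30-second step, following RFC 6238 with HMAC-SHA1 and 6 digits. The secret is the constructed RFC 6238 test key, and the `verify` helper, its clock-drift window and its replay check are assumptions about how a server might validate a submitted code.

```python
import hashlib
import hmac
import struct

STEP = 30    # seconds per time step, as described above
DIGITS = 6   # code length shown by common authenticator apps

def totp(secret: bytes, unix_time: int, digits: int = DIGITS) -> str:
    """RFC 6238 TOTP (HMAC-SHA1) for the time step containing unix_time."""
    counter = struct.pack(">Q", unix_time // STEP)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation from RFC 4226
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def verify(secret: bytes, code: str, unix_time: int,
           last_step: int = -1, drift: int = 1):
    """Return the matched time step, or None if the code is rejected.

    Hypothetical server-side check: tolerates +/- `drift` steps of clock
    skew, compares in constant time, and refuses any step <= last_step so
    a code that was already accepted cannot be replayed.
    """
    now = unix_time // STEP
    for step in range(max(0, now - drift), now + drift + 1):
        if step <= last_step:
            continue
        expected = totp(secret, step * STEP)
        if hmac.compare_digest(expected.encode(), code.encode()):
            return step
    return None

# Constructed sample input: the published RFC 6238 test secret.
SECRET = b"12345678901234567890"

if __name__ == "__main__":
    code = totp(SECRET, 59)
    print("code at t=59:", code)
    step = verify(SECRET, code, 59)
    print("accepted at step:", step)
    # The server stores `step` per user; the same code is then refused.
    print("replay:", verify(SECRET, code, 59, last_step=step))
    print("two steps later:", verify(SECRET, code, 95))
```

Storing the last accepted step per account is what makes each code single-use within its validity window; widening `drift` trades usability for a longer window in which a phished code remains valid.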
If you want to enable TOTP-based 2-factor authentication, select Google Authentication as your option and click the Enable button.
Now scan the QR code using any authenticator app (like Google Authenticator or Microsoft Authenticator). After scanning, a TOTP (Time-based One-Time Password) will be shown on the device that was used to scan the code. Enter that code in the text box and click the Enable button.
After you click Enable, Google authentication is enabled and backup codes appear. You can use these backup codes later to log in to myaccount, but remember that each backup code can be used only once.
You can download the backup codes by clicking the Download button.
If users are unable to scan the QR code, they have the option to download the key manually by clicking here. Once downloaded, users can follow the key setup process on the mobile app and enter the downloaded key during the setup to complete the process.
You can also access this feature from the dashboard.
About backup codes: these are one-time-use secret codes that you can keep somewhere safe and use when you are not able to get verification codes on your phone. You can regenerate new codes at any time.