This article provides video training as well as step by step instructions on how to use a mobile app for 2-factor authentication when logging in to your website. The mobile app method is both quicker and more reliable than the email method.
What is Two-Factor Authentication?
We're all familiar with single-factor authorization, such as logging into your email with a user name and password. However, if you've ever logged in with a username and password, and then had to check your email or text messages for a code and enter it as part of the login process, you've used Two-Factor Authorization — or 2FA. 2FA is simply the use of two methods to access protected resources.
Why Use 2FA?
Security is the reason for 2FA. Many people use passwords that are easy to guess or reuse the same login information on multiple sites, and this can be a security issue. There are also reports almost weekly of a data breach where a hacker was able to get a list of user names and passwords. One of the most well-known was the Equifax data breach, which exposed the personal information of 147 million people. In cases such as this, even if your user name and password are compromised, unless the hacker has access to your email or phone, your logins will be safe until you can update your password. If you're curious about your own information, go to https://haveibeenpwned.com and enter your email and phone number. You may be surprised at the number of times your login information has been compromised. It is recommended that you change your passwords to any sites you may find here.
How Does 2FA Work?
There are several methods to implement 2FA. One of the most common is receiving a special code in your email or a text message that you enter after successfully entering your user name and password. Another method is to install an app on your phone or tablet that automatically generates a code every 30 seconds that you enter during the login process. There are many other methods, such as a separate dedicated device used only for 2FA. We recommend installing the Authy app on your mobile device because it is most-likely to be with you when logging in. Authy is also one of the most user-friendly 2FA apps.
Video Training:
Step by Step instructions:
1. Choose a 2-factor authentication app. We use and recommend Authy (check out their website here) but there are others to choose from as well.
2. Once you have downloaded the 2-factor authentication app onto your phone, login to your website on a computer.
3. Once logged in to the website, navigate to your user profile, find the 2-factor authentication options, and follow the steps below.
4. In the Mobile App row, check the "Make Primary" box
5. Then check the "Enable" Box
6. When you click the "Enable" box, several setup options will open up on the left:
7. In the 2-Factor Authentication app that you are using, start a new account and add the website by either scanning the QR code or entering the secret key.
8. Once you have scanned the QR code or entered the secret key from the website into your 2-Factor Authentication app, the app should provide an authentication code for you. Enter this authentication code from the app into the field on the website (see #8) and click "Verify". This will finish the connection.
Congratulations! The setup is complete. The next time you are logging into the website, you can go to the 2-Factor Authentication app on your phone and enter the code that it is giving you at that time. (Note, these codes are constantly refreshed, you typically have about a minute to enter a code before a new one is generated.)