2 Factor Authentication
We are pleased to announce the addition of 2 factor authentication to the client are to give you that extra level of security.
What is Two-Factor Authentication?
Two-factor authentication adds an additional layer of security by introducing a second step to your login. It takes something you know (i.e.: your password), and adds a second factor, typically something you physically have (such as your phone). Since both are required to log in, in the event an attacker obtains your password two-factor authentication would stop them for accessing your account.
Why do you need it?
Passwords are increasingly easy to compromise. They can often be guessed or leaked, they usually donâ€™t change very often, and despite advice otherwise, many of us have favourite passwords that we use for more than one thing. So Two-factor authentication gives you additional security because your password alone no longer allows access to your account.
How does it work?
Time Based One-Time passwords requires downloading an OATH application onto your smartphone or tablet, and optionally a bar-code reader. We recommend Google Authenticator as its free, has the reader built into the application, and created by Google. Its available for Apple, Android and BlackBerry.
Once activated a pop-up screen will present a QR code, with optional manual code to enter into your smartphone or tablet. Once scanned or entered, a time based one time password will appear within your OATH application providing the second form of verification used to log in.
Additionally, a backup code is presented which should be stored in the event that your smartphone or tablet is not accessible and you wish to gain access into the client area.
How to Setup
- First install Google Authenticator on your Smartphone or Tablet
- Go to the Client Area –> Click on the Security Menu option on the right under Account Information
- Click the “Click Here to Enable Button”
- Click “Get Started”
- In your Smartphone or Tablet app if you have a camera select “Scan Barcode” and point to the barcode on the screen. If you dont have a camaera use the manual entry on the app and use the manual code given above the QR code.
- The app will give you a verification code
- Enter the verification code into the client area, this ensures that the system is in sync before enabling.
- Take a note of the backup code.
That’s it you’re setup and ready to use 2 factor authentication. When you login in the future you will need to enter the username and password and the next screen will asked Â for your code that’s generated from your app.
Disabling the 2 factor authentication
If you decide that you need to disable the authentication click the security link on the right in the client area –> Click the “Click to Disable button” then enter your normal password.
The code you entered did not match what was expected. Please try again
Seeing this error when activating the time based one time password method means that the 6 characters generated by your device do not match the 6 numbers our system expected.
This is caused by the time on your device (phone, tablet etc) and the client area being different. As the code changes every 30 seconds its important that your smartphone has the correct time.
You can see our server time below:-
Current Server Time: [servertime]
You must ensure the server time is correct, and the time on your device matches the server time. For example if the server time is 00:01 and the time on your device is 00:00 you will see this error, you must change the time on your device to 00:01 so they both match.
Different time-zones are taken into account, so time-zone differences won’t cause a problem.