Two-Step Authentication

Two-step verification on your account is available by default.

When enabled, logging into the site with your username and password an additional one-time numeric password is also required. This one-time password is generated by an app on your phone.

Protecting your account

When used you sign in as usual and are then required to supply the authentication code from the authenticator app on your phone.

On the first sign in after two-step authentication is enabled or reset a unique code is computed and displayed. This code is used to add your account to your app.

Your unique code is displayed as a QR code that can be scanned by your app for easy installation and as text that can be manually entered if necessary.

Two-step vs two-factor

Two-step authentication (2FA) requires two different types of authentication such as 1 what you are (finger print or iris scan), 2 what you know (password or secret phrase) or 3 what you carry (identification or swipe card).

Two-step verification can use the same type of identification from two different providers, for example a password and a one-time code from a security token or authenticator app.

Authenticator apps

Using a standard time-based One-time Password Algorithm (TOTP) and HMAC-based One-time Password algorithm (HOTP) the two-step code is compatible with multiple apps that you may already have installed on your phone, for example:

Google Authenticator
LassPass Authenticator
Microsoft Authenticator

Adding your account to your authenticator app is typically the same for each app:

Select + or 'Add account' and open the barcode scanner
Scan the QR code displayed on the sign in page
Your account is added to your authenticator app, for example:
If you are unable to scan the QR code, for example you are not using a phone in conjunction with a laptop computer, you can copy the text that is displayed with the QR code and paste the code into your authenticator app.