2-step verification is a simple and more secure way to protect your accounts. It combines a password (something that you know) with a second factor (something that you own), so it is less vulnerable to attacks.
The most common verification techniques are:
- Text messages with PIN code on your mobile phone
- Authenticator app generates an authentication code
- Yubikey (a hardware device similar to USB)
Exponea currently offers 2-step verification with the Authenticator app and Text message. We plan to support Yubikey soon.
To enable 2-step verification for your Exponea accounts, go to User Settings -> Security.
Once the 2-step verification is enabled, you will be asked to verify yourself with the chosen method every time you log in.
Login page - 2-step verification
Install an authenticator app on your mobile device. You can use any authenticator mobile app, but we recommend to install Google authenticator:
- iOS: https://itunes.apple.com/us/app/google-authenticator/id388497605
- Android: https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2
Open authenticator and scan the QR code to obtain a 6 digit code which you need to input in Exponea. Click "confirm".
Configuration of Authenticator APP
Backup codes are useful if you don't have access to your mobile or Yubikey. When you enable this option, you will obtain 10 codes which you can use to log in. You can use every code only once.
Note that backup codes are not part of 2-step verification. Use backup codes only as a recovery option if you lose access to your devices.
User settings ->
Security enable the "Text message" option. When you enable this option you need to enter your phone number and click
Get code. Once you receive the code type it into the text area below. Click confirm.
You can add more phone numbers for this verification method. Just click
show when text message verification is enabled.