Enabling multi-factor (MFA) or two factor authentication (2FA)
- 11/11/2021 00:12
Multi-Factor (MFA) or Two-Factor Authentication (2FA) adds an additional layer of authentication to your Freethought account by requiring information in addition to the password in order to login. We recommend that you use MFA/2FA on your Freethought account, and indeed any website or service that supports it as using MFA/2FA means that even if your password is stolen or otherwise compromised, an additional layer of security must be passed to gain access to your account.
This article will guide you through enabling Time-based One-Time Password (TOTP) Multi-Factor Authentication to your account using the Authy mobile application. We also support SMS based authentication, but recommend against using it wherever possible as it is a lot less secure than TOTP.
Other MFA/2FA apps are available such as Google Authenticator, Microsoft Authenticator and Duo. TOTP is an open standard and so there are many apps which can use it. They generally work in more or less the same way, so this guide will roughly apply to any authenticator app.
To get started with Authy, download it for your device:
Login to your customer portal account at https://portal.freethought.uk, then click where it says your name at the top right of the screen:
Next, click "Security Settings" in the drop down menu:
Then click the green button under the "Two-Factor Authentication" heading at the bottom that says "Click here to Enable":
We want to use Time Based Rokens as these are more secure, so select that option, and press "Get started":
You will be presented with a screen like this:
Open the Authy app that you installed earlier. If this is the first time you've opened it, you may be prompted to setup the app by entering your mobile number. Once you have completed this process, you can tap the red plus icon in the middle of the screen or the square in the bottom left in order to add account:
Now, tap the button to "Scan QR Code". This may prompt you to give permission to access the camera, in which case you will need to allow this. Then point the camera at the QR code displayed in the customer portal:
Now you'll be given the option to set an image and Nickname for this code in the Authy app. Set this as you wish and tap "Save".
You will now see a code with a countdown timer next to it. Enter the displayed code into the customer portal 2FA setup screen where it says "Enter authentication code" and click on the blue "Submit" button:
You will now be shown a green confirmation message to let you know that 2FA is now setup properly:
Beneath this message is a backup code, you should write this backup code down and store it somewhere securely. Should you ever loose your authenticator app or the device it is installed on, you can use this backup code to remove the 2FA requirement, without it gaining access to your account will be extremely difficult.
⚠️ Write down your backup code and store it securely and safely somewhere, you NEED this backup code ⚠️
Click close, and you're done! 🎉
Every time you login to the Freethought customer portal from now on, you will be prompted for your username and password plus your 2FA code from the app. You should never give this two factor code to anyone, not even Freethought staff.
Your Freethought account is now secure and protected with Time-based Multi-Factor Authentication, huzzah! 👍