Increasing FastComet Customer Login Security
Security is one of the major pillars our services here at FastComet are founded on. We are constantly striving to improve not only the security of our servers – and therefore of the hosting services we provide but also of our own website. Security nurtures trust, and our customers’ trust is vital to us. We pride ourselves on providing excellent and secure services and the trust we have built with our community over the years.
Because of this, we are introducing a new security feature related to logging in your account on our website. From now on, when you log in, the system will check if it recognizes your IP address. If it does not, it will send a verification code to your email address, which you must enter to proceed to your account with us. Please read on, and we will go into more detail about how this will work, what it means for you, and even provide you with a few more extra security tips towards the end.
What Is the New Customer Login Security?
The new login security comes in the form of a verification code you will receive when you try to log into your account on fastcomet.com. Once you have entered your login details and hit Login, the system will check your current IP. If it is an IP it recognizes, you will log in successfully. However, if it does not, then there is one extra step that you have to complete.
If you are logging into your FastComet account from a new IP address, you will instead see a screen requesting a five-digit code.
The code will be sent to your email. Once you have it, input it in the field, click Verify Code, and you can proceed to your account. We suggest you tick the box so the system remembers your device for the next 60 days. That way, the system will add the IP to its Known list, and you won’t have to input a new code the next time you try to log in from the same device. Additionally, for those of you who utilize sub-accounts, the system will send the email to the sub-account’s own email. You don’t have to worry about sending the verification code to the sub-account owner since they will get it in their email!
Please note that the verification code will be valid for five minutes. If you don’t use it in this time frame, you will have to generate a new one by attempting to log in again.
Finally, if you would like to turn off this security feature you can do so from the Client Area after you have logged in. Click on your name in the top right, then click on Account Security and you will find the option to turn the verification off.
Why We Implemented This New Security?
We decided to proceed with this change mainly because passwords are no longer the definitive approach to account security. Data leaks are, unfortunately, more common than they used to be in the past. Passwords have been leaked to the Internet many times over the past few years That makes them less reliable than we would like to think they are. Fortunately for all users, there are different methods of authentication that don’t rely solely on a password. You can check for yourself if your passwords have ever been leaked by clicking here.
That is why we added a verification code as an extra layer of security to our login page. It is a variant of Two-Factor Authentication, which should make your account with us much more secure and, therefore, all of your sensitive and personal information. By requiring this verification code, we can ensure that you, and only you, are logging into your FastComet account and not someone undesirable.
We understand this will cost you a few more clicks to get into your account. Still, we sincerely hope you can see the value this measurement will provide not just to the security of your account but to the value of our services as a whole. We constantly strive to improve, and this is a step in the right direction.
What Can You Do to Improve Security Further?
Two-Factor Authentication is always a good choice when it comes to adding extra layers of security to any of your online accounts. We already did it for you on our end by adding the verification code. You can also enable an additional layer of Two-Factor Authentication yourself. Feel free to take a look at our excellent tutorial on how to enable Two-Factor Authentication for your FastComet account to learn more. We mention the two most popular 2FA apps in it and will elaborate more on them now.
Google Authenticator is the most popular 2FA app on the market currently. That is mainly due to its simplicity of use. It takes only a few seconds to set everything up. However, its simplicity of use has a few drawbacks.
The Google Authenticator is available only for Android and iOS devices. Additionally, if you ever get a new device and want to start using it as your 2FA code generator, you will have to transfer all of your added accounts between the apps manually. Fortunately, the app has an import/export feature, so the transfer is not much of a hassle. Finally, it does not offer the functionality to receive the one-time passwords via an SMS or a call.
The Google Authenticator’s drawbacks are not significant enough to make it unusable or unpopular. They are primarily quality-of-life omissions. The app, at its core, is perfectly serviceable, making it so widely spread. For most users, what the Google Authenticator offers will be enough.
Authy by Twilio
Authy is another top-rated 2FA application. It is not as quick and straightforward to set up as the Google Authenticator, but it does offer more features.
The most outstanding of these features is its multi-device compatibility. Authy is available not only for Android and iOS devices but also for Windows, Linux, and Apple Watch. It also allows you to synchronize your 2FA accounts across multiple devices automatically, without requiring a manual transfer or for the old device to be active.
Authy can also back up your 2FA accounts. It encrypts and stores those backups on Authy’s own servers, and you can also restore your accounts from those backups if you need to. This, combined with its ability to synchronize your 2FA accounts over multiple devices automatically, will ensure that you never lose your login tokens, even if you lose one of your devices.
The Microsoft Authenticator is a solid alternative to Authy. It comes with features very similar to the ones Authy has to offer: multi-device support, backups and restores, and a few security features also overlap.
Where it differs from Authy is the integration it can have with your Microsoft account. It allows you to manage your Microsoft account, and will also send you notifications for each login. It can also act as a password manager, and also save addresses and other such data to be used in other apps.
As you can see, it is not just an authenticator. If you are looking for an app that does more than just provide you with one-time passwords, then this is for you.
Be as Secure as You Can
As you can see, the applications we talked about above are mostly the same, but they have some distinctive pluses and minuses. This does not mean that one is better than the other, though. While they do the same thing at their core, they suit different needs. You would probably like Google Authenticator if you want a straightforward and quick-to-set-up app. On the other hand, if you want as much security and features as possible, then Authy is more fitting for your needs. The Microsoft Authenticator will provide you with features which go beyond 2FA, if that is what you are looking for.
Whichever the case may be, we strongly recommend you enable Two-Factor Authentication on your account with us. This way, you will be confident that your account is as protected as possible. With the newest security addition from our end in the form of the verification code and 2FA from your end, your account will be impenetrable! We are always looking for ways to improve our services and their security – for instance, we recently implemented the Imunify360 services on all our VPS and Dedicated servers, so stay tuned for other exciting updates from us.
The latest tips and news from the industry straight to your inbox!
Join 30,000+ subscribers for exclusive access to our monthly newsletter with insider cloud, hosting and WordPress tips!