Updated on Apr 24, 2018
Two-factor authentication adds an additional layer of security by introducing a second step to your FastComet Client area login. A second factor is something (usually a PIN number) that is required in addition to your standard password. Typically, this PIN is generated by something you physically have (such as your phone), and it is valid for a limited short period. Since both your password and PIN are required to log in, in the event an attacker obtains your password two-factor authentication would stop them from accessing your account.
FastComet supports one of the most common and straightforward method of two-factor authentication - time based one-time passwords PIN. With these, in addition to your regular username & password, you also have to enter a 6-digit code that changes every 30 seconds. Only your token device (typically a mobile smartphone) will know your secret key and be able to generate valid one time passwords for your account. Without it, even if your password is compromised, your account will be safe and secure.
You can easily activate the two-factor authentication for your account via your client area. To do so, you will need to install an OATH software such as Google Authentication, Apple's OATH Token App or one of the most popular Two-factor Authentication (2FA) App - Authy.
For this tutorial we will use Google Authenticator which you can get for free on Google Play or the App Store:
To begin, please download and install the two-factor authentication app of your choosing on your mobile device and login into your client area with your email and password.
Click on the drop-down menu in the top right corner of your screen and proceed with the 2-Factor Authentication link.
Next, you need to activate the 2-factor authentication for your account before you begin with the setup.
You may read the general information on the 2-factor authentication on the next step and proceed by clicking on the Get Started button.
On the next step, you will be presented with a QR code which you have to scan with your 2-Factor Authentication app.
Open the App on your mobile device and click the option to scan a barcode.
If this is the first time you are using the app, you should allow access to your camera. Scan the code on your monitor with your phone to add your 2-factor authentication account on your device.
This will automatically add an account to your application and generate your first PIN:
To complete the setup click on the Continue button in your client area. On the next page you will be asked to input your randomly generated temporary PIN:
This pin generated by your mobile device expires every 30 seconds. Make sure you have enough time to input your PIN before it expires or wait until it is regenerated.
When you input your pin, click on the button below to complete the process. If you completed the last step successfully, you would be provided with your Backup Code.
Your Backup code is a permanent 2-factor authentication PIN. We highly recommend to write down this PIN and store it securely. In case you lose your 2nd-factor device, and you are no longer able to generate temporary PINs, this PIN can be used to access your account.
From this moment on your FastComet client area can be accessed only using both standard login credentials and the 2-factor authentication PIN. Make sure you have your Backup code written down and return to your Client Area.
To access your client area after having the 2-factor Authentication activated, please access the client area login page and input your email and password as usual and click Login. The form will reload and request your two-factor code as well.
Run your 2-factor authentication app on your mobile device to obtain your temporary PIN for your FastComet account.
Be advised that the code expires every 30 seconds, so please make sure you have enough time to input the PIN or wait until the key is regenerated.
To deactivate the 2-factor Authentication for your account, login into your client area and refer to the 2-factor Authentication link from the top right drop-down menu.
On the next page click on the Disable button and input your client area master password.
You should see the confirmation message which means that the 2-factor authentication is now disabled for your account.
If you have added sub-accounts to your client area, you can enable this feature for them as well. To do so, login into your client area and refer to the Contacts/Sub-accounts menu.
On the next page select the subaccount for which this feature should be active and opt in the Change Security Settings permission level, then save your changes.
Now your subaccount can have their 2-factor authentication enabled by logging into the client area and follow the activation steps.