What is Two Factor Authentication?
Two Factor Authentication adds a layer of security to logging into your account.
On any website, if someone knows your email address and guesses your password, they will be able to log into your account. If you use the same password across multiple websites, then any data-breach from another website could allow nefarious users to find out your commonly used passwords. It's important to remember that bitcoin transactions are IRREVERSIBLE. If someone else gets access to your account and withdraws the bitcoin from it, there is nothing anyone can do to rectify the situation.
HardBlock recommends using a strong and unique password for your HardBlock account. See our podcast episode on password managers for more details.
In addition, 2FA commonly means that you must enter a one-time code generated in your phone app to log into your account, meaning that for someone to access your account they must physically have access to your phone and be able to unlock it. While 2FA is much more secure than a password, it is not a perfect solution (consider what would happen if you lost your phone). For this reason, we recommend against storing funds in your HardBlock account for long periods of time. We did a podcast episode on hardware wallets if you'd like to learn more.
Remember, if you lose your phone or don't have it with you, you will be unable to log in to any account where you have set up 2FA. Keep this in mind, especially if you switch to a new phone, as the 2FA is linked to the device it is set up on, not to your phone number. If that happens, we have a procedure for you to regain access to your HardBlock account.
Setting Up Two Factor Authentication
To set up 2FA, download one of the following apps on your phone:
- Google Authenticator (iPhone & Android)
- Aegis (Android)
- Authy (iPhone & Android)
Setting up Google Authenticator
- Download Google Authenticator
- Open the App
- Log in to your HardBlock account
- Navigate to the 2-Factor page: https://www.hardblock.com.au/account/settings/2factor
- In the Google Authenticator App: Click the + icon in the bottom right corner
- Choose either:
- "Scan a QR Code": Hold your phone and scan the QR code on the screen on the 2-Factor page of the HardBlock website
- or " "Enter a setup key": Enter the Secret Code from the 2-Factor page of the HardBlock website into the "Your Key" field. Be sure to label the account in "Account Name" (eg HardBlock)
- You will now see a six digit code under HardBlock (or the name you chose). This code has a timer next it and is only valid while it shown on your phone screen.
- In your HardBlock account, on the 2-Factor page, enter the code from Google Authenticator into the "Enter Token" field and click "Verify Token".
- Next time you log in to your HardBlock code, you will need the code from the Google Authenticator app to complete the log in process.