Do I have to have a mobile phone to secure my site with Two-Factor Authentication (2FA)?
Yes, as the name suggests 2FA uses two mechanisms (instead of one) to verify your identity when you login to WriteUpp. In our case these two mechanisms are:
Username/password - like normal
Your mobile phone
With 2FA activated when you login you enter your username and password as normal and then you enter a Time-based, One-time Password (TOTP) which is a six digit code generated by the Google Authenticator app on your mobile phone.
Without a mobile you can't authenticate and consequently you can't login to WriteUpp.
However, once you have successfully authenticated you do have the option to "Trust the device" that you're using. We will then remember this device for 30 days. After 30 days (or sooner if you clear your browser's cache) you will be asked to re-authenticate again using the authenticator app.
What does "Trust this device" mean?
We also use your mobile number to verify your identity and if you're unable to open your authenticator app we will send your code via SMS to your mobile phone.
In short, if you or all of your team members don't have access to their own mobile you will be unable to use 2FA.
Username/password - like normal
Your mobile phone
With 2FA activated when you login you enter your username and password as normal and then you enter a Time-based, One-time Password (TOTP) which is a six digit code generated by the Google Authenticator app on your mobile phone.
Without a mobile you can't authenticate and consequently you can't login to WriteUpp.
However, once you have successfully authenticated you do have the option to "Trust the device" that you're using. We will then remember this device for 30 days. After 30 days (or sooner if you clear your browser's cache) you will be asked to re-authenticate again using the authenticator app.
What does "Trust this device" mean?
We also use your mobile number to verify your identity and if you're unable to open your authenticator app we will send your code via SMS to your mobile phone.
In short, if you or all of your team members don't have access to their own mobile you will be unable to use 2FA.
Updated on: 07/11/2022
Thank you!