What is Two-Factor Authentication? Why should I use it? Two Factor Authentication, more commonly known as 2FA, is an extra layer of security that can be added to your account in order to ensure that no one else may access it. Instead of simply requiring a password to log into your account, enabling this extra security measure will require a six-digit code to be entered when you try to log on from a new IP address or have not re-authenticated within the past seven days. This code can either be sent to the email that the account is registered with, or you may download an app such as Authy, which will regenerate a code every thirty seconds that can be used to log into your account. A Google Authenticator code is also required, before logging in with Two-Step Verification. Please continue reading to learn how to access these codes. As discussed earlier, 2FA adds an extra layer of security to your account, ensuring that no one is able to gain access, even if someone is able to guess the password. This is also the reason that all staff members are required to have 2FA enabled; the permissions given to staff members have the potential to be very dangerous if not used responsibly. Requiring two sets of verification codes makes it nearly impossible for anyone other than yourself to log into your account. With that being said, this does not mean that only staff members should enable it. Everyone on the forums is free to, and should, enable 2FA to secure their account. Your account is still your responsibility, and enabling it will help prevent others from getting into your account and possibly using it for malicious purposes. Please keep in mind, Two-Factor Authentication is not the same as Two-Step Verification. It is a subtle difference, and they have many similarities; however, it is important to know the difference between the two. As the name suggests, Two-Step Verification requires two steps to log into your account. You must first enter your correct password, then will be prompted to enter a six-digit code either sent to your email, or one that is generated by an app. Two-Factor Authentication requires two forms of authentication after logging in. To use Two-Factor Authentication, you must enter a Google Authenticator code every seven days, in addition to the regular method of logging in. After your Google Authenticator is verified, you will be prompted for another six-digit code that will either be sent to your email or generated with an app, based on personal preference. Please follow along as far as you wish. Stopping after Two-Step Verification has been enabled will still secure your account; however, I strongly recommend enabling Two-Factor Authentication for extra security. Enabling Two-Step Verification The first thing that you will need to do is choose how you want to receive your verification code. Go to this link, and you should see something similar to this. This is where you are able to choose your method of verification. By default, all of these will be disabled. Simply click 'Enable' on 'Email Verification' or 'Verification Code via App'. Activating Two-Factor Authentication Please keep in mind that Two-Factor Authentication is not the same as Two-Step Verification. Two-Step Verification is a great method of securing your account; however, I strongly recommend enabling Two-Factor Authentication, as it adds an extra layer of security, in the event that a user was able to bypass your first two methods of protection. An easy way to remember the difference is to think of Two-Factor Authentication as Three-Step Verification. After you have logged in with your password, Two-Factor Authentication forces you to go through two methods of verification; Two-Step Verification only requires two steps - your password and your six-digit code. The method used to activate Two-Factor Authentication is surprisingly similar to Two-Step Verification. As you will most likely have already enabled Two-Step Verification, you will not need to download any new apps. Simply use this link, and click 'Add a New Key', as shown here. You will be taken to a screen that looks similar to this. Just as you did with Two-Step Verification, when enabling it via Authy or Google Authenticator, scan the QR code and give it a recognizable name. It is very important that you are able to distinguish between your Google Authenticator code and Two-Step Verification code; you will be asked for your Google Authenticator code first, before moving on to Two-Step Verification. Once you have scanned your code, and ensured that everything is working properly, enter the code that is shown on your screen into the box at the bottom of the screen, to verify that you have activated it. Once this is completed, you have successfully set up Two-Factor Authentication You should see something similar to the picture shown below. As an example, if these two codes were to be used to log into my account, I would need to log in with my password, enter '274996' in the first prompt, and would only successfully log in upon entering '581969'. The Two-Factor Authentication code always comes first, as it requires verification of your identity before it will even let you enter your Two-Step Verification codes. This is due to the fact that there are backup codes, which will be discussed in the next section, that can be used to bypass Two-Step Verification. Backup Codes and Trusted Devices Backup CodesSome of you may have noticed a section named Backup Codes earlier in the tutorial. These are codes that can be used to bypass Two-Step Verification. Try to not rely on these too much, and be sure to keep them in a secure location. -------------------------------------------------------------------------------------------------------------------------------- Warning!Be sure to never share these codes with anyone. They can be used to completely bypass Two-Step Verification, without any sort of security alert. It is generally a good idea to refresh these codes regularly, especially if you believe anyone may have seen them. -------------------------------------------------------------------------------------------------------------------------------- To find your backup codes, simply click on this link. You may be asked to re-enter your password. You should be brought to a page looking something like the following image. Be sure to frequently regenerate your backup codes, by selecting 'Generate new backup codes' and clicking 'Confirm Regeneration'. Trusted Devices If at any time you would like to require a device that has previously signed into your account to re-authenticate next time it tries to log in, simply navigate to either your Two-Step Verification or Two-Factor Authentication page, and you will be able to stop trusting other devices. Devices become trusted if you go through the authentication process, and click the box under the prompt for the six-digit code. The Google Authenticator code can be used to trust a device for up to seven days, while Two-Step Verification can trust a device for up to thirty days. Trusted devices do not have to authenticate, and thus will be able to immediately start using the forums. Two-Factor Authentication - Trusted Devices Two-Step Verification - Trusted Devices Please feel free to let me know if you have any questions!
I love this guide! At first 2fa was very confusing to me and it took a while to figure out, this will definitely help people out who are new to 2fa
Amazing guide l actually read through this and it cleared all my confusion about 2fa and how to use it properly Thanks a lot Michael
Thank you Thank you! Thank you 2FA seemed very complicated to me too when I joined. I’m glad I was able to help you understand 2FA better
That's really great. 2FA was always confusing to me and still is but your guide made it easier for me to understand it, thanks a lot to be honest
