This article provides an overview of our new 2-Factor Authentication (2FA) for our portal and includes instructions on how to configure and use it.
What is 2-Factor Authentication
2FA is a security protocol designed to enhance the protection of user accounts by requiring two separate forms of verification before granting access. This process involves two distinct steps that add an additional layer of security beyond just a password.
The first factor is something the user knows, typically a password or personal identification number (PIN). In the case of our DE-CIX portal, your password is required. This information is confidential and only the user should know it. The second factor involves something the user possesses, such as a smartphone, a hardware security key, or an authenticator app. This could include receiving a one-time code via SMS, an email, or through an application that generates time-sensitive codes. In our case, it's the latter.
By requiring both a password and a second verification method, 2FA significantly reduces the likelihood of unauthorized access to user accounts. Even if an attacker compromises a user’s password, they cannot gain access without the second factor. This makes 2FA a critical component in maintaining account security in today’s digital landscape, where cyber threats are increasingly sophisticated.
Why you should use 2-Factor Authentication
Implementing 2FA is essential for anyone looking to safeguard sensitive information. The growing prevalence of data breaches and hacking incidents underscores the importance of adding layers of security to online accounts.
Several resasons exist for using 2FA:
Enhanced Security: 2FA adds a critical layer of security by requiring two forms of verification, making it much harder for attackers to gain unauthorized access. Even if your password is compromised, the second factor protects your account.
Protection Against Phishing: Many cybercriminals use phishing attacks to steal passwords. With 2FA enabled, even if a user inadvertently provides their password to a scammer, the attacker still cannot access the account without the second verification method.
Increased Control Over Your Accounts: By using 2FA, users maintain greater control over their accounts. The requirement for a second factor ensures that only the rightful owner can access sensitive information, thus reducing the risk of identity theft and data breaches.
Industry Standard for Security: Many organizations and platforms recognize 2FA as a best practice for securing user accounts. By adopting 2FA, individuals align themselves with industry standards and demonstrate a commitment to protecting their personal and professional information.
Easy to Configure: Most online services offer straightforward options to enable 2FA. Users can quickly set up this feature, making it an accessible and effective way to enhance account security.
In summary, using Two-Factor Authentication significantly enhances the security of your online accounts, providing peace of mind in an increasingly digital world. By adopting 2FA, you can protect your sensitive information and reduce the risk of falling victim to cyber threats.
Therefore, we strongly recommend its configuration.
Guides
The following sections provide step-by-step guides for the correct configuration and usage of our 2FA feature.
How to configure 2FA for our portal
This section provides a step-by-step guide to configure the 2FA feature.
Log in to our portal and click on Account at the top right corner.
Select Manage profile.
Click on Set up Authenticator application.
Log in to your account again if necessary.
Follow the displayed instructions chronologically.
Your 2FA shows up on your Manage profile page. You can also delete it here.
You successfully set up your 2FA. From now on, you need both your password and the 2FA code to log in.
Important: Set up the recovery codes as well. Otherwise you are not able to log in to the portal without your 2FA device (e.g. your phone). Follow the guide below to generate your recovery codes.
How to generate recovery codes
This section provides a step-by-step guide to generate the recovery codes. These are one-time-use codes to be used in case your 2FA device is unavailable.
Login to our portal and click on Account at the top right corner.
Select Manage profile.
Click on Set up Recovery authentication codes.Now the system generates your recovery codes.
Save the codes locally on your computer or in another secure location where you can easily access them.
Do not save the codes on your 2FA device, as this would render the codes useless.
Mark the first checkbox, then click on Complete setup.
You successfully generated your recovery codes. You can use each code only once.
How to use the recovery codes
If your 2FA device is unavailable (e.g., if your phone has died), you can still log in using one of the recovery codes. This section provides the corresponding guide.
Click on Try Another Way after providing your username and password.
Select Recovery Authentication Code.
Provide the demanded code (one of the 12 codes you generated) and click Log In.
Please note:Recovery Code #1 was required here. Next time, it will ask for Recovery Code #2, and so on. You can use each code only once.
You successfully logged in to our portal without your 2FA device.
All my recovery codes are used
If you used all your recovery codes, delete them by going to Account -> Manage Profile (as shown above) in the portal, then click on Delete.
Provide your password and the 2FA code and click on Confirm deletion.
Please note: Recovery Code #1 was required here. Next time, it will ask for Recovery Code #2, and so on. You can use each code only once.
