The private testing has started!

Login and Signup Multi-factor authentication

Multi-factor authentications add an extra layer of security to protect your account from unintended access even if someone knows your password.

What is Two-factor authentication (2FA)

Two-factor authentication is a way to add extra security to your account. There are two elements. The first element is the password you usually use, which is the standard password for your account. The second element is a verification code retrieved from an application on your device, such as a mobile phone.

Liverado uses 2FA as another layer of security protection for your account. After enabling 2FA, you will be prompted to enter a six-digit password when logging in. This six-digit password will be generated by the application installed on the phone. Even if your password is stolen, an attacker cannot access your account without accessing the phone. Given this security advantage, we recommend that you enable 2FA on your Liverado account.

To use 2FA, you need to install an authenticator app on your phone. And you need to make sure you have access to your phone when you log in to your account. There are many authenticator applications. Here are some options below:

iOS:

FreeOTP

Google Authenticator

Android:

FreeOTP

Google Authenticator

How to set up 2FA

  1. Visit the Security section in the account Setting.

  2. Choose Enable two-factor authentication.

  3. Open the authenticator application on your mobile device, and then select the option to scan the QR code or manually enter the authentication key. To scan the code, point your device's camera at the QR code seen in the Liverado account settings.

  4. Then, enter the login password for your account and the two-factor password on the authenticator application you are using.

  5. Liverado will also provide you with some one-time-use recovery codes. Please keep these codes in a safe place and do not lose them. If you misplaced or lost your authentication device, these codes will be the only way to log in to your account. If you lose your device, you can enter these codes instead of the six-digit verification code. Please save all code because each code is one-time use.

Please note that resetting your Liverado password will automatically disable 2FA. You will need to enable it again.

Set up 2FA in multiple devices

If you want to receive a six-digit authentication code on multiple devices (such as mobile phones and tablets). You must install an authentication application on each device. Then follow the steps below:

  1. If you have enabled two-factor authentication, you need to disable it first.

  2. Then click Settings -> Security, and then tick the Enable two-factor authentication".

  3. Use the authenticator app on each device to scan the QR code. You may take a screenshot of the QR code and save it, later scanning with other devices.

  4. Instead of scanning the QR code, another option is to click the Manual Enter Key button. The system will provide you with a key that you need to enter in the 2FA application manually.

If 2FA is not working, please check the following to understand the most common 2FA login issues.

Two-factor authentication (2FA) is not working

In most cases, 2FA will fail because the time on each device is not synchronized. For 2FA to work properly, the date and time on the device you log in to Liverado must be the same as the date and time on the device that received the 2FA code. If the data and time do not match, you will receive a wrong login credentials message.

If you have synced your device but still cannot access your account, visit our help centre for more information, or contact us at support@liverado.com.

For other login issues, you can check common login issues and solutions.

Multi-factor authentication mechanisms: Knowledge (something only the user knows), Possession (something only the user has), and Inherent (something only the user has).

Third-party authenticator (TPA) applications enable two-factor authentication, usually by displaying a randomly generated and frequently changing code for authentication.

Why is multi-factor better than two-factor authentication?

You have probably been using two-factor authentication for a long time. When you use a credit card with a PIN and zip code, you're using 2FA. Any type of authenticator app on your phone works the same way, leveraging biometrics and other unique identifiers to provide codes for specific accounts.

For the most part, 2FA is the way most entry-level hackers want to get your information, especially if you use a program like Google Authenticator, right?

But as the hackers attested by easily accessing Twitter CEO Jack Dorsey's account via a fairly low-tech SIM swap via the 2FA protocol, this misled Dorsey's mobile provider into thinking he needed to switch his mobile service.

"Wait, what is that? SIM swap?"

Basically, SIM swapping is when scammers call your specific cell phone provider and say, "Hey, this is (the guy they're attacking); I need a new SIM card to store my misplaced/stolen one. Phone." Suddenly hackers have access to your secondary authentication codes in addition to stolen passwords, PINs, or other information.

According to the FTC, how to avoid SIM swapping:

  1. Do not respond to calls, emails, or text messages asking for personal data.
  2. Limit the personal data you share online.
  3. Set up a password on your mobile account.
  4. Consider using stronger authentication for accounts that contain sensitive personal or financial information

So while 2FA is definitely better than nothing, if you're serious about protecting your data, it should be more than a start. But because there are some overlapping factors that can easily be leveraged together, MFA is the better option.

Adding an additional layer to 2FA, such as combining PINs and text passwords with biometric layers like face scans, creates a huge barrier between hacking attempts and protected information.

Rather than simply mining information after you stumble across another and have full access, MFA means you have full control over all security, especially when using MFA hardware encryption devices as recommended by NIST for AAL 3.

Ready to join Liverado? Start your free 14-day trial today.