Two Factor Authentication

Two Factor Authentication is an authentication method that requires your account credentials be verified by your login name and password in your web browser as well as a secondary platform that is not your browser. This is meant to further secure your account from would-be attackers.

Bitwage uses two-factor authentication to secure all account logins and distribution changes. This is a feature we felt was necessary to keep your account safe and your payrolls under your control. 

We have 2 options for Two-Factor Authentication: SMS, and Google Authenticator


1. SMS

Bitwage by default sends an access code via SMS Text Message to your mobile phone.

Note, this method is less secure because a hacker can port your number away from your carrier by social engineering.

You can turn off SMS Text Messages under Settings, Security, 2- Factor Authentication. You must add Google or Bitwage Authenticator to turn off SMS.


2. Google Authenticator 

Bitwage also supports Google Authenticator Google provides Android and iOS versions, and there also are Chrome Extensions, Windows, Linux, and OS X options available from third parties.

Google Authenticator uses a secret code to generate one-time passwords every 30 seconds, and is much more secure than SMS. We recommend all users disable SMS and use either Google Authenticator or our own native app-based solution. 

To set up Google Authenticator: Sign in to your account using SMS for 2-Factor authentication. If you cannot receive SMS messages, we can provide you with 10 backup codes to use. Navigate to Settings, Security, 2-Factor Authentication.

Enabling Google Authenticator

Google Authenticator uses a secret code to generate one-time passwords every 30 seconds, and is much more secure than SMS. We recommend all users disable SMS and use either Google Authenticator or our own native TOTP app-based solution.

To set up Google Authenticator:

  1. Sign in to your account using SMS for 2-Factor authentication. If you cannot receive SMS messages, we can provide you with 10 backup codes to use.
  2. Navigate to “Settings” on the top right and then go to Security, 2-Factor authentication.
  3. Enable it under Google Authenticator (you will be prompted for a 2-Factor code again)
  4. You will now see a QR code as well as a secret code. We recommend you store this secret somewhere secure and install it on a TOTP generator such as Yubikey.
  5. Now that Google Authenticator is enabled and you have a way to generate 1-time passwords from the secret code, you can safely disable SMS.

Habilitación de Google Authenticator

Google Authenticator utiliza un código secreto para generar contraseñas de un solo uso cada 30 segundos, y es mucho más seguro que los SMS. Recomendamos a todos los usuarios que deshabiliten los SMS y utilicen Google Authenticator o nuestra propia solución nativa basada en aplicaciones.

Para configurar el Autenticador de Google:

  1. Inicie sesión en su cuenta utilizando SMS para la autenticación de 2 factores. Si no puede recibir mensajes SMS, podemos proporcionarle 10 códigos de reserva para usar.
  2. Vaya a “Configuraciones” en la esquina superior derecha y después vaya a Seguridad, Autenticador de 2 Factore.
  3. Habilite el Google Authenticator (se le solicitará un código de 2 factores nuevamente)
  4. Ahora verá un código QR y un código secreto. Le recomendamos que guarde este secreto en un lugar seguro y lo instale en un generador TOTP como Yubikey.
  5. Ahora que Google Authenticator está habilitado y tiene una forma de generar contraseñas de 1 vez del código secreto, puede deshabilitar SMS de forma segura.

Still need help? Contact Us Contact Us