Two Factor Authentication is an authentication method that requires your account credentials be verified by your login name and password in your web browser as well as a secondary platform that is not your browser. This is meant to further secure your account from would-be attackers.
Bitwage uses two-factor authentication to secure all account logins and distribution changes. This is a feature we felt was necessary to keep your account safe and your payrolls under your control.
We have 2 options for Two-Factor Authentication: SMS, and Google Authenticator
Bitwage by default sends an access code via SMS Text Message to your mobile phone.
Note, this method is less secure because a hacker can port your number away from your carrier by social engineering.
You can turn off SMS Text Messages under Settings, Security, 2- Factor Authentication. You must add Google or Bitwage Authenticator to turn off SMS.
2. Google Authenticator
Google Authenticator uses a secret code to generate one-time passwords every 30 seconds, and is much more secure than SMS. We recommend all users disable SMS and use either Google Authenticator or our own native app-based solution.
Google Authenticator uses a secret code to generate one-time passwords every 30 seconds, and is much more secure than SMS. We recommend all users disable SMS and use either Google Authenticator or our own native TOTP app-based solution.
To set up Google Authenticator:
- Sign in to your account using SMS for 2-Factor authentication. If you cannot receive SMS messages, we can provide you with 10 backup codes to use.
- Navigate to “Settings” on the top right and then go to Security, 2-Factor authentication.
- Enable it under Google Authenticator (you will be prompted for a 2-Factor code again)
- You will now see a QR code as well as a secret code. We recommend you store this secret somewhere secure and install it on a TOTP generator such as Yubikey.
- Now that Google Authenticator is enabled and you have a way to generate 1-time passwords from the secret code, you can safely disable SMS.