2FA now available in Brandkit2

Two-factor authentication (2FA) (sometimes referred to as MFA or multi-factor authentication) is a step toward better security. It goes beyond using only a regular password when you log in — that’s single-factor authentication.

We built our own secure 2FA login protection in Brandkit 2.

To use it, read on….

Get an Authenticator app

To use 2FA you will need an Authenticator App on your phone. We use and recommend Authy or Google Authenticator.

There are a host of other options, just search for Authenticator in the iPhone or Android App stores.

Enable 2FA (Two-factor Authentication)

Enable two-factor authentication to secure your account by:

1. clicking your initials icon in the top right menu,
2. then heading to your My profile page,
3. then clicking the “Enable two-factor authentication button” option:

(Note that the look and feel, button colours etc will vary between Brandkit accounts.)

This will open a QR Code panel.

Follow the on-screen prompts. Be sure to save your recovery codes somewhere safe! You’ll need those codes to access the account if you ever lose the ability to log in with your authenticator app.

To enable two-factor authentication, scan the QR Code image with the two-factor authentication app in your phone (e.g. Authy) and then enter the authentication code generated, from your phone, into the Authentication code input box.

Save your 2FA Backup/Recovery Codes

Once you scan your QR code, and add your Authentication Code, we will display a screen of Backup Codes (aka Recovery Codes).

Be sure to save your backup/recovery codes somewhere safe! You’ll need those codes to access the account if you ever lose the ability to log in with your authenticator app (e.g. you lose your phone).

If you are logged in already, you can see your existing backup codes, and copy them again from your My Profile page, and clicking the Change two-factor authentication button to view.

Logging in with 2FA

Now that 2FA is setup for your user account, the next time you login you will be asked to enter a 2FA code from your Authenticator App on your phone.

Note that these 2FA codes are time based (each code is valid for about 30secs), so be aware of the countdown timer in your Authenticator App, and be sure you enter the 2FA code before it moves to the next code.

If you lose your phone, you can use a backup code. You received 10 of these backup codes when you setup your 2FA. These codes are one time use for each code. So once you use one make a note, because it will not be usable in the future.

Removing 2FA

You can remove 2FA from your user account at any time.

1. Navigate to your My Profile page
2. Click the Change two-factor authentication button.

3. Click the link “disable two-factor authentication“
4. Confirm by clicking OK.

This will remove the 2FA setting fro your user account, and you will no longer require a 2FA code to login.

Note also that your previously saved backup codes/recovery codes will be now be unusable. If you decide to add 2FA again in the future, a new set of backup/recovery codes will be created for you.

Trouble with 2FA

If you are having trouble with two-factor authentication because you lost your phone or no longer have access to your authenticator app, use one of the recovery codes you saved during setup.

If you don’t have a recovery code but you’re logged into a different browser session, you can get your recovery codes and update or disable your two-factor authentication settings.

If all else fails contact Brandkit support