How do I setup Two-Factor Authentication (2FA) on my Krystal account?

Whilst we recommend you setup Two-Factor Authentication for your Krystal Client Area (in fact, any online accounts you have where it's offered) - it is not mandatory to do so to login to your Krystal Client Area. The only mandatory requirement is that you setup your security question/answer - we use this to help verify your identity should you contact us.

What is Two-Factor Authentication (2FA)?

Two-factor authentication adds an additional layer of security to your Krystal client area by adding a second step to your login. In addition to something you know (i.e. your existing password) it adds what is known as a possession, or second factor, based on something you possess - which in this case will be an App on your mobile phone or desktop.

Since both are required to log in, even if an attacker has your password they can't access your account unless they also possess your phone.

Why is Two-Factor Authentication necessary?

Passwords are often compromised when mobile devices or computers are stolen or infected with malware - or when insecure networks are used to retrieve passwords by email. They can often be guessed, they usually don't change very often, and despite advice otherwise, many of us have favourite passwords that we use for more than one thing. So Two-factor authentication gives you additional security because your password alone no longer allows access to your account

What Type of 2FA does Krystal support?

Currently we support the open source OAuth service, simply because it is free to implement for our customers and is in widespread use. All that is required is an App that supports the creation of OTP (One Time Password) tokens. This basically means that the App produces a 6 digit number that changes every 30 seconds or so. This number is entered along with your usual client area login password.

While there are a lot of Apps that do this, we tested and like Authy - which has versions for iPhone & Android devices as well as desktop versions for Mac & PC and a Chrome browser extension.

  1. You'll need to have a 2FA app like Authy installed before you'll be able to complete this process.
  2. Login to your Krystal Client Area and then click on My Profile from the top menu bar and then click Security.
  3. Click Manage Two Factor Settings.
  4. Read the details and when you're ready click Got it, enable two factor authentication.
  5. You'll now see first the 2FA setup screen.
    Open your 2FA app and follow the app's instructions to add a new account. Authy have instructions for adding a new account on different devices.
  6. Once you've scanned the barcode, or added the code, the new account should be added in your app and generating One-Time Password (OTP) codes.
    Enter a valid code from your app in to Step 2) and click Verify Code.
    Make a note of the backup code given in Step 3) - you can use this to login should you not have access to the app to generate a OTP code.

How did we do?

Powered by HelpDocs
© Krystal Hosting Ltd 2003–2019