Two-factor authentication (2FA or MFA): how does it work?
What is two-factor authentication?
The two-factor authentication integrated into the Enerfip investor area is based on the TOTP (Time-based One-Time Password) principle, the best-known application of which is Google Authenticator. It is based on an application installed on your mobile phone, which is provided with a secret key during configuration, which is then used to generate a code every 30 seconds, which must be entered when the user logs in. Optionally, it is possible to provide backup codes that can be used if the mobile phone is lost. This is one of the most reliable authentication methods, but also one of the most restrictive: if the mobile phone or backup codes are lost, it is not possible to regain access without contacting customer service. 2FA authentication requires configuration to be enabled. It is therefore disabled by default. There is no change for those who do not enable it.
How do I enable two-factor authentication?
- I log in to my account and go to ‘security’ by clicking on my profile.
- The two-factor authentication option is located at the bottom of the page.
- The secret key is presented in the form of a QR code, which must be scanned using the Google Authenticator app.
- Once scanned, I provide the code generated by the authentication app.
- Last step! Five backup codes are provided. They can be stored somewhere, in a notebook at home for example.
They will be useful if you lose your smartphone. If I lose my smartphone and these codes, I can resolve the situation by calling Enerfip investor relations on 04 119 34 111. And that's it, I've successfully enhanced the security of my account and my investments! The next time I log in, after entering my email address and password, I am prompted to enter the 2FA code from Google Authenticator. You can also disable 2FA in the security section.
To secure your account, watch the video:
%201.svg)
