Two Factor Authentication

Two Factor Authentication for BaaS Users

Two-factor authentication is an extra layer of security for your BaaS user account designed to ensure that you're the only person that can access your account, even if someone knows your password.

How it works

With two-factor authentication, only you can access your account. When you want to sign into your BaaS account, you'll need to provide two pieces of information -- your password and the six-digit verification code that's automatically displayed on your authenticator application. By entering the code, you're verifying that it is you that is logging in.

Because your password alone is no longer enough to access your account, two-factor authentication dramatically improves the security of your BaaS user account and all of the information that you store with Topl.

Verification Codes

A verification code is a temporary code generated by an authenticator application and is requested when you sign into BaaS.

Note that a verification code is different than your password.

Set up two-factor authentication for your BaaS account

You can follow these steps to turn on two-factor authentication for your account
1.) Go to Settings.
2.) Click on "Enable two factor authentication"
3.) Download one of our supported authenticator apps
- Authy
- 1Password
- Microsoft Authenticator
- Google Authenticator
and use it to scan the QR code.
4.) Use the 6 digit code generated by the application to verify your application and turn on two factor authentication.
5.) Save the recovery codes somewhere safe.

This is a list of 20 codes generated during the configuration of 2FA. These codes are a single time use only. New recovery codes can be generated if needed, however previous recovery codes would not work after this step.

What to remember when you use two-factor authentication

Two-factor authentication significantly improves the security of your BaaS account. After you turn it on, signing into your account will require both your password and access to your verified authenticator application. To keep your account as secure as possible and help ensure you never lose access, there are a few simple guidelines you should follow:

  • Remember your BaaS password.
  • Download the authenticator app on all of your devices and verify with all devices.
  • Keep your trusted device physically secure.

Manage your account

You can manage your 2FA settings and other account information from your BaaS Account page.

Frequently asked questions

Need help? You might find the answer to your question below.

What if I forget my password?

You can reset of change your password when you follow these steps.

If logged into BaaS

1.) Go to Settings
2.) Click on Change Password
3.) Type new password into the New Password and Confirm New Password fields

From the login page

1.) Click on "forgot your password"
2.) Type in the email for your account
3.) Click on the reset my password link that should be sent to your email.

What if I can't access my authenticator application?

If you're signing in and don't have your authenticator application handy that can display verification codes, you can then use the recovery codes that were generated when you enabled two-factor authentication.
Simply click on "Enter recovery code" on the two-factor authentication screen, and enter one of your recovery codes.

If I can't sign in, how do I regain access to my account?

If you can't sign in, receive verification codes, or access your recovery codes, you can request account recovery to regain access to your account. Account recovery is our process designed to get you back into your account as quickly as possible while denying access to anyone who might be pretending to be you. It might take a few days, or longer, depending on what specific account information you can provide to verify your identity.

You can begin the account recovery process by emailing [email protected] with your BaaS username and a description of the issue. We will then reach out to you in the next couple of days to begin the manual recovery process.

Do I need to remember any security questions?

No. With two-factor authentication, you don't need to remember any security questions. We verify your identity exclusively using your password and verification codes.

Can I turn off two-factor authentication after I've turned it on?

If you already use two-factor authentication, you can turn it off. Just open your settings and click the disable button. Keep in mind, this makes your account less secure and means that you are potentially putting your information at higher risk.