Refersion offers Two-Factor Authentication (2FA) as a second layer of security to your account. After logging in with your email and password (the first layer), 2FA, when enabled, will further secure your account by requiring a verification code once every 30 days. You will also be required to enter a verification code when making payments in excess of $1,000 USD (or equivalent in another currency) within a 24-hour period.
To set up 2FA you’ll need your smartphone and a third-party authenticator app such as Google Authenticator or Authy. Authenticator apps provide 6-digit, one-time-passcodes (OTPs) that can be used to authenticate your account.
Enabling 2FA
From your dashboard, navigate to Your Name>Profile.
From your profile screen, navigate to Two-Factor Authentication in the left menu and click the Enable Two-Factor Authentication button.
Enter your password in the modal window.
Next, open your authenticator app and select the option to add a new account. Scan the QR code from the Two-Factor Authentication modal or enter the secret key into your authenticator app. This adds Refersion to the authenticator app so it will be able to generate the one-time-passcodes that Refersion will recognize.
Once Refersion is added, the authenticator app will display a 6-digit code; enter this code into the input box.
Note: As part of the security features of authenticator apps, each code is valid only for 30 seconds, so you’ll need to enter it quickly or wait for the next one.
Upon successfully entering the 6-digit code you’ll see a new modal with 10 backup codes. A text file of these backup codes will also automatically be downloaded to your computer. These should be kept in a safe place — if your smartphone with the authenticator app is misplaced these single-use codes can be used to log in to Refersion.
Important: these codes are only meant to be used as a last resort; using them will deactivate 2FA on your account and you will need to repeat these steps to re-enable this security feature.
If you misplace your backup codes you can easily generate a replacement set from within your profile.
Configure SMS as a backup method
Within this same modal you’ll be able to add your cell phone number as a backup method for authenticating your account via SMS. Please Note: SMS authentication is only available in certain countries.
To get started, choose a country from the country selection dropdown — this will automatically add your country code. Enter the rest of your mobile phone number in the space provided.
Once you click Next, a new modal will appear and a 6-digit verification code will be sent to your phone via SMS. Enter this code into the input box in the modal and click Confirm.
Disabling 2FA
You can disable 2FA from the same Profile page (Your Name > Profile). You will be prompted to enter your password and a 6-digit code from your authenticator app, an SMS code, or one of your backup codes.
Need help? Please reach out to our team using the in-app Support Chat or email us at [email protected].