IN THIS ARTICLE
About two-factor authentication
What is two-factor authentication (or 2FA)?
Why are you introducing 2FA now?
Which roles need to set up 2FA?
At what points will I be asked to complete 2FA?
Setting up two-factor authentication
Setting up 2FA via an Authenticator app
I’ve set up SMS 2FA. What happens if I don’t receive my SMS code when logging in?
Changing your method of two-factor authentication
I want to change my method of authentication. How do I do this?
My phone has been stolen, so I can’t receive my verification code: what do I do?
What is two-factor authentication (or 2FA)?
Two-factor authentication, or 2FA, adds an extra layer of protection to your Exchange account. It’s a method of verification which requires a user to input two forms of identification, from two separate trusted devices, to gain access to an account or feature.
When trying to complete certain actions on the platform, we now require you to input a unique verification code (which we’ll send to your phone via SMS or an Authenticator app)
If you’ve ever been on a website that's asked you for a verification code, pin, secure information, or to scan your fingerprint (alongside your password) before completing an action, that’s 2FA in action.
Why are you introducing 2FA now?
We take security very seriously. 2FA is a necessary security feature to enhance the protection of your account.
Which roles need to set up 2FA?
2FA is currently mandatory for:
- The Exchange Account Owner
- Company Admins
- Finance Directors
- Finance Bookkeepers
At what points will I be asked to complete 2FA?
There are various actions in the platform that require two-factor authentication, such as:
- Login
- Adding or editing users
- Accessing the Wallet
- Confirming payments from your bank account
How do I set up 2FA?
There are three ways you can set up 2FA. Once you set up, you then need to select your preferred authentication method.
- Setting up 2FA, via your Profile Settings.
To do this, click Settings > My Profile > Two-Factor Authentication > then, Register.
- Setting up 2FA at Login.
To do this, enter your email and password at login and follow the instructions on the prompt.
You’ll then need to choose your preferred method of 2FA – via SMS or an Authenticator app (you can choose between Microsoft or Google).
Click on the option you prefer.
- Setting up 2FA when you’re prompted within the platform.
If you have not set up 2FA through Settings or at Login, you will be prompted to do so when you try to access a feature that requires 2FA, such as:
- Add/edit a user or driver
- Change your authentication method
- Accessing the Wallet for payments on the platform
- Confirming payments from your bank account
Setting up 2FA via SMS
Input the phone number you’d like to register for 2FA. This will be the phone number your verification codes are then sent to. Once you’ve input the phone number, press Continue to get the verification code.
When you receive the verification code on your phone, input the six-digit code into the screen on your desktop and press authenticate.
Then, you’re set up!
Setting up 2FA via an Authenticator app
Scan the QR code with your phone. Please note, if you choose an Authenticator app, you’ll need to download it to your phone first. Learn how:
How to download Google Authenticator
How to download Microsoft Authenticator
Here's an example of the QR Code that you can scan once you select an Authenticator app method.
I’ve set up SMS 2FA. What happens if I don’t receive my SMS code when logging in?
If you don’t receive a verification code, please double-check your phone number by selecting “Cancel” and starting over. If that still does not work, please submit a support request so our Support Team can help you.
I want to change my method of authentication. How do I do this?
First, you’ll need to disable your current method of 2FA. This can be done by clicking Settings > My Profile > Two-Factor Authentication > Change Authentication Method.
To disable 2FA via your Authenticator app, input the six-digit verification code that pops up when you click on your Authenticator app.
To disable 2FA via SMS, input the six-digit verification code that pops up on your texts.
Once done, you can then re-register with your desired authentication method. For instructions on how to set up 2FA – see here.
My phone has been stolen, so I can’t receive my verification code: what do I do?
If you no longer have access to your authenticator app or SMS, please submit a support request.