Using Two Factor Authentication
Back in December 2021 we enabled an optional additional layer of security to hostworld accounts allowing account holders to enable two-factor authentication (2FA).
We’re taking this a step further by enforcing mandatory 2FA for all accounts, therefore in the case where 2FA isn’t already setup, you will be prompted to set this up at the next login to your account using your usual login credentials. You will also be asked to choose your 2FA method.
When setting up 2FA be sure to keep your backup code safe – this is used in the event you no longer have access to the device you configured 2FA on (such as if you get a new phone or tablet).
We do NOT have a copy of these backup codes.
For those who aren’t familiar with the concept of two-factor authentication we will explain the basic concepts of this added security layer.
What is 2FA?
Two-factor authentication (2FA) is a specific type of multi-factor authentication (MFA) that strengthens security by requiring two methods (also referred to as authentication factors) to verify your identity. These factors can include something you know – like a username and password – plus something you have – like a smartphone app – to approve authentication requests.
2FA protects against phishing, social engineering and password brute-force attacks and secures your logins from attackers exploiting weak or stolen credentials.
This means that if someone were to guess your password, they would also need to be in possession of the second authentication method to gain access to your account.
What is TOTP?
Time-based One-time Password (TOTP) is a computer algorithm that generates a one-time password (OTP) that uses the current time as a source of uniqueness. These codes are generally generated using an app on your phone or PC such as Google Authenticator, or Authy.
What is OTP?
One-time password (OTP) systems provide a mechanism for logging on to a network or service using a unique password that can only be used once and may expire after a period of time has passed.
2FA methods supported at hostworld
You can tweak your 2FA settings within your account by selecting “Security Settings” from the drop down menu within your account.
Currently we support Time-based One-time Password (TOTP) using an app such as Google Authenticator or Authy which you can download from your App Store. This is the option we recommend all of our customers to use.
We also support OTP via email and we will be introducing SMS based 2FA (OTP) at some point in the future too.
Once enabled you will be asked for 2FA every time you login to our portal.
Other useful how-to guides on the subject of Two-Factor Authentication:
I no longer have my Two-Factor device and/or backup code – https://hostworld.uk/how-to/general/i-no-longer-have-my-two-factor-device-and-or-backup-code/
I don’t have my Two-Factor Authentication device with me – https://hostworld.uk/how-to/general/i-dont-have-my-two-factor-authentication-device-with-me/
If you have any further queries, please get in touch by raising a support ticket into the billing department at https://portal.hostworld.uk .