What's 2-step verification? How do I use it?
At Cozy, we take privacy and security very seriously. To ensure your information continues to be as secure as possible, we’re adding a new security feature called 2-step verification.
In this article:
What's 2-step verification?
2-step verification (also called “2 Factor Authentication" or "2FA”) gives your account two layers of protection:
- The first layer of protection is your password.
- The second layer of protection is a one-time code either sent to your email or provided by a mobile app on your device. You enter this code to sign in.
This extra layer of protection means that if someone gets your password without your permission, your account will still be safe. Because Cozy lets you send and receive payments, we want to make sure your information has the highest level of protection.
→ With 2-step verification enabled, you'll automatically be prompted to provide a one-time verification code whenever you log into Cozy from a new device.
You can get this code either by email from email@example.com, or from a third-party authentication app downloaded to your device.
You’ll then enter this code into Cozy to complete your sign in. Your temporary code is valid for 5 minutes from the time you request it, so you'll need to have your email handy.
The device you use is remembered for 6 months. Every time you sign out or switch devices you’ll be prompted to sign in again with 2-step verification.
How to set up 2-step verification
Note: Once you enable 2-step verification, it will always be on. We recommend you make sure the email on your Cozy account is one you currently use and where you successfully receive emails from us. Learn how to update your Cozy account email address.
There are two ways to verify your account using 2-step verification; with your email or with a third-party app.
To get started:
- From your account name in the top right corner, go to Settings
- Go to Security
- Click Enable next to “Enable 2-step verification”
Choose how you want to receive your one-time verification code.
1. To receive your code by email:
- Next to “Email Delivery”, click Send code to email
- You'll be logged out and then asked to log in again using your password and one-time verification code.
- Check your email for the one-time verification code. The code is valid for 5 minutes.
2. To use a third-party mobile app:
- Click “Use an app” next to “Authentication app”
- Open the authentication app of your choice
- Scan the barcode shown on the screen
- Enter the verification code from your app
- Click “Continue”
Not sure which option to pick? Codes sent by email are usually received within a minute or two, while codes provided through a third-party authentication app can be viewed immediately. Either option will work, and you can always switch back from a third-party app to email, if you’d like!
Cozy recommends Google Authenticator, which is free and easy to use. You can download it from the App Store or Google Play.
Going forward, you'll need to verify your account using 2-step verification every time you sign out and sign back in, or every 6 months.