Two-Factor Authentication

Two-factor authentication, also known as two-step verification or 2FA is a security feature that protects your account against unauthorized access during online service logins. 2FA involves using your username and password (something you know), followed by a second factor – such as your smartphone or your fingerprint (something you have or something you are) to verify your identity.

Two-Factor Authentication on Koofr

Koofr offers two options for your second factor when securing your account with two-factor authentication. You can use a Time-based One-Time Password (TOTP) Authentication app or a Passkey. For enhanced security, you can enable multiple second factors.

456 987

Authentication apps

Authentication apps are TOTP apps that generate temporary and unique codes at regular intervals. These codes can be used as a second factor when logging into your Koofr account.

Generating time-limited one-time codes is important because even if an unauthorized individual obtains your username, password, and a single code, they must input the code within a limited timeframe, requiring real-time use.

Connect the TOTP app, such as Google Authenticator, Twilio Authy, Microsoft Authenticator, etc., to your Koofr account. After entering your password, the app will generate a temporary code (valid for 30 seconds). Enter this code into the designated field. If you experience issues with the code, ensure your device’s time is accurate. Time differences can disrupt TOTP authentication.


How to enable Two-Factor Authentication with an Authentication app?

1
Download one of the TOTP apps on your device.
2
Open the Koofr web app and click on Preferences.
3
Select 2-Factor Authentication.
4
Click on the Add Authentication app button.
5
Verify access to your Koofr account.
6
Name your app and scan the barcode with your TOTP app.
7
Enter a six-digit code generated in your app.
8
Save your two-factor recovery codes in a safe spot.

Passkey

While Authentication apps are very good for protecting your account, Passkeys take it a step further. When logging into your Koofr account, you have several options for selecting a Passkey: a physical key like Yubikey, which connects to your device via USB or NFC, your biometrics (fingerprint or face ID), your smart devices, or your devices’ PIN. To enable your Passkey with Koofr, connect it accordingly.

Our Passkeys rely on FIDO2 authentication. They offer superior protection against phishing attacks compared to Authentication apps. Passkeys consistently verify the domain you are accessing, while Authentication apps generate one-time codes without verifying the website's authenticity. This restricts the Passkey's functionality to only the sites or apps it is linked with, making it harder for phishing sites to trick you.


How to enable Two-Factor Authentication with a Passkey?

1
Open the Koofr web app and click on Preferences.
2
Select 2-Factor Authentication.
3
Click on the Add Passkey button.
4
Verify access to your Koofr account.
5
Name your Passkey and click on Use Passkey.
6
Choose your Passkey.
7
Save your two-factor recovery codes in a safe spot.

For more detailed instructions about enabling Passkey on Koofr, visit our help pages:

Two-Factor Recovery Codes
If you lose access to your Authentication app or Passkey, you can use one of the 10 two-factor recovery codes provided to you when enabling your second factor. This will allow you to log in to your Koofr account and disable two-factor authentication. Do not use two-factor recovery codes as your primary second factor. Use them only if necessary. Each code can only be used once.

These codes are crucial because they are the only way to access your account if you cannot use your Authentication app or Passkey, so be sure to save them in a secure spot! Our support team cannot restore access to accounts with two-factor authentication enabled for security reasons.