Two-factor authentication (2FA) is an enhanced method of securing your account with GSatTrack. Once configured and enabled, two forms of identification are then required to log into your account:
- Your password
- A trusted device
Requiring two different forms of identification – something you know and something in your possession – increases the security of your account, dramatically reducing the chances of an unauthorized party accessing it. In this case, the trusted device is a mobile phone with an app that is generating a constantly-cycling, six-digit verification code that is unique to your specific account. This form of 2FA has become increasingly popular and you may be familiar with it when securely accessing your email or banking accounts.
Setting up 2FA in GSatTrack
To enable two-factor authentication for your account, visit the My profile page once you’ve logged in. Under the Security section is the option for enhanced authentication:
Recovery Codes
Once you’ve decided to enable 2FA you’ll first be presented with some automatically generated recovery codes. These recovery codes will cover the scenario where you might not have access to your trusted device (perhaps it was lost or damaged) and still need to be able to log into your account. Recovery codes should be treated like passwords; store them securely and privately as you will be unable to recover your account without them in the event your trusted device is lost. Should you need to use them, simply enter one instead of the Verification Code when prompted. Note that they are one-time use passwords only; you will not be able to continue to login with them once used.
Enabling 2FA
Once you’ve stored your recovery codes you can then enable 2FA either by scanning the QR code shown on the following page from within your authentication app or by manually entering in the text code instead. The rolling, six-digit code should then be presented to you from within your 2FA app and you can enter it in the confirmation box to verify that GSatTrack and your 2FA app are properly synchronized.
Once confirmed, two-factor authentication will then be enabled for your account. The next time you log into your account you’ll then be presented with the 2FA verification screen:
"Note that for 2FA to work properly the time set on your trusted device must be accurate."