Different people have different security needs, but everybody agrees that having more security options is a good thing. Two-factor authentication (2FA), also called two-step verification, is one such option that is becoming more prevalent these days. Its purpose is simple: add an extra layer of security to the login process of your application (in our case, cloud.ca’s web console).
This is achieved by combining something you know (your password) with something you have (a code generated by an application on your smartphone), hence the term two-factor. Fortunately, you don’t need a different app for each website where you’ve enabled 2FA, as there are common standards in place that are supported by popular authenticator applications.
2FA is an opt-in feature on cloud.ca. Your can turn it on from the My Profile page. This process is quite easy: simply scan the provided barcode with your mobile device using your preferred authenticator app, and then enter the generated six-digit verification code. Following this, every time you log into cloud.ca, you’ll also be prompted to enter the current code displayed on your authenticator app (it is updated every 30 seconds).
While 2FA is not totally foolproof, the fact that someone would need to know your password AND possess your phone to hack into your cloud.ca account greatly decreases that risk. In addition, to protect against the eventuality of not having access to your phone when logging-in, there is a fallback method which consists of providing any of the remaining backup codes generated when enabling 2FA (just ensure you store these codes in a secure location).
By Marc Vaillancourt, Director, Software Development at CloudOps