This article provides an overview of two-step sign in, how to configure it within your GoCardless account, the recovery process, as well as answers to some of the commonly asked questions.
What is two-step sign in?
Two-step sign in, also known as two-factor authentication or two-step verification, is a security process involving two separate authentication methods performed one after another to verify that an individual requesting access to an account is the owner of said account.
Within GoCardless, the two-step sign in process consists of entering an email address and accompanying password, followed by either the receipt of an SMS text message to your specified mobile phone number containing a code or generating a code through an authenticator app, which you will then need to enter to move successfully through step two of the login process.
How to enable two-step sign in on your GoCardless account
You can enable Two-step sign in by logging into your account and accessing your settings page. GoCardless offers either an Authenticator app or SMS option for your two-step sign in method.
Enabling an authenticator app
1. Scroll to the Two-step sign in section and click the toggle on the right to enable it.
2. Open the authenticator app that you would like to use, this could be on your phone or on your laptop.
3. Follow the instructions given by your chosen app to scan the QR code or enter the secret key
4. The app should give you a six digit code which you need to enter into the provided field, then click confirm
Enabling the SMS method
1. Scroll to the Two-step sign in section and click the toggle on the right to enable it.
2. Enter your mobile phone number in the dialog window and click Confirm
This will send an SMS (text message) to your phone with a code.
3. Enter the code you received and click Confirm
Done! You have Two-step sign in enabled for your account.
How to disable two-step sign in on your GoCardless account
You can disable Two-step sign in by logging into your account and accessing your settings page.
1. Scroll to the Two-step sign in section and click the toggle to disable it.
2. You will be prompted for password confirmation...
Enter the password for your account user and click Disable
A confirmation box will appear to confirm your two-step sign in has been disabled.
Done! You have disabled Two-step sign in for your account. Your settings should now look like this:
How to recover your account
Please email our Support team at help@gocardless.com using the email address connected to your GoCardless account.
Frequently asked questions
How often will I need to complete the two-step sign in process to access my account?
The two-step sign in process will reset every 14 calendar days if you select the "Trust device for 14 days" option when entering the verification code. However, if at any point you select the sign out option from the settings menu, you will be required to go through two-step sign in when you next login to GoCardless.
Am I required to enable two-step sign in on my account?
No. This is optional to all accounts, however strongly we recommend enabling this feature to increase the security of your GoCardless account.
Do all users on my account have their own two-step sign in?
Yes. If enabled, all users use their own device to complete the secondary authentication step when signing in.
As an administrator of my account, can I ensure that all users have two-step sign in enabled?
At present, you would need to oversee that this measure is implemented with all users of your organisation as required. In the future, as an organisation administrator, you will be able to enforce that all users within your organisation have two-step sign in enabled.
What happens if I lose my phone?
You will need to follow the recovery process outlined above.