Set up two-factor authentication
By using two-factor authentication, your Cloudcraft account can only be accessed on devices you trust, even if someone knows your password. It is an extra layer of security for your account and each user can set up 2FA individually.
After setting it up, you will log in to your account in two steps:
- Type in your password
- Enter the code from your virtual multi-factor authentication application
If you are using your Google account to log in to Cloudcraft, two-factor authentication will not be available in our application because Google provides this for you. Make sure to go through the 2FA process on the Google side before logging in.
Enable two-factor authentication
Before you begin, you will need to download an authenticator app such as Google Authenticator or Authy for your phone. We use 1Password at Cloudcraft and recommend it — as a bonus, you can also use it to manage and create strong passwords.
Now that you have an authenticator app installed on your phone, log in to your Cloudcraft account and click on the Account icon, followed by the User settings link.
Click on the Manage MFA button, open the authenticator app on your phone, and scan the barcode on the screen.
Enter the 6-digit verification code generated by your authenticator app, then click Verify.
The next window will display a recovery key. We recommend printing and placing it somewhere safe, like a hidden pocket in your wallet. If you are not able to use your phone, you can use this key to log in.
Disable two-factor authentication
Before proceeding, please keep in mind that disabling two-factor authentication is not recommended and may lead to overall worse account security. Heimdal Security has a nice article on why you should always use two-factor authentication.
If you are aware of this and still want to proceed, click on the Account icon, followed by the User settings link.
Click on the Manage MFA button, and then on the Disable MFA one. Two-factor authentication is now disabled in your account, but you can re-enable it at anytime.
What is a recovery key?
Your recovery key is an 18-characters string of numbers, and letters that are displayed only once and can help you get back into your account if you lose access to the device you use to manage two-factor authentication. It acts as a one time password.
To ensure you always have access to your account, we recommend printing a few copies and storing them somewhere safe, like in your wallet or in the middle of a book.