Two-factor authentication (2FA) on your PocketSmith account


Add an extra level of security and set up two-factor authentication for your PocketSmith account. Make sure you keep your PocketSmith recovery codes somewhere safe! 🔐

What is two-factor authentication (2FA)?

Two-factor authentication is also known as "2 step verification". When you have 2FA setup, you'll need both your PocketSmith username and password like usual, and as an addition, PocketSmith will ask you to provide an extra code that only you have access to. 

You'll need a smartphone that can run an authenticator app that generates a limited time code that you enter when logging into PocketSmith.

Activating 2FA on your PocketSmith account drastically reduces the chances of someone gaining unauthorized access. An attacker would need to know not only your username and password, but they would also need to get hold of your phone.


Setting up two-factor authentication

First of all, make sure you have set a password on your PocketSmith account, then choose an authenticator app for your phone. Some possible authentication apps are

For convenience, you can set up multiple devices using the same activation code.

Note

If you created your account using Google login and haven't added a password. You can add a password as shown in the following user guide:  Add a password to a PocketSmith account with Google a login

Follow the directions below to set up two-factor authentication

  1. Head to the  Profile menu menu and select  Security & integrations

  2. Click Two factor authentication located in the menu on the left-hand side and confirm your PocketSmith account password in the confirmation box provided

  3. Click the Start two factor authentication setup button to begin pairing your PocketSmith account with your authenticator app
  4. Use your chosen authenticator app to scan the QR code displayed. 

     Then, enter the code generated by your authenticator app, and click Confirm Code

  5. On the next screen, you'll be able to download your recovery codes as a text file. 


    These codes are very important. They will allow you to log in to your account should you lose access to your authenticator app. Download them and keep them safe!


Warning
Don't lose your recovery codes!

PocketSmith Support cannot restore access to accounts with two-factor authentication enabled. If your phone is lost, broken or inaccessible, you will not be able to access your PocketSmith account unless you have your recovery codes. Be sure to download and keep your recovery codes in a safe place so you're never locked out of your account.


Using two-factor authentication on your PocketSmith account

Once you've set up your account for 2FA, PocketSmith will ask you for your 2FA code whenever you sign in. This code will appear on the screen within the app you downloaded on your smartphone.


Enter the code from your 2FA app in the field provided and click Validate

Tip

If you don't want to be asked for a 2FA code every time you sign in from a trusted device, tick the option to  Remember this device for 30 days. PocketSmith will remember your device, and you will not be asked for your two-factor code when signing in using the device for 30 days. Once the 30 days expires you will be asked for the 2FA code once again.

If you've lost access to your authentication app, and need to use a recovery code see:  Using your recovery codes if you lose access to your authentication app


Turning off or resetting 2FA on your PocketSmith account

You may want to temporarily disable 2FA on your PocketSmith, for example, if you are transferring to a new smartphone and therefore need to reset your 2FA app.

  1. Head to the Profile menu and select  Security & integrations

  2. Click Two factor authentication located in the menu on the left-hand side and confirm your PocketSmith account password in the confirmation box provided

  3. Click Turn off two-factor authentication 

  4. Enter your password to confirm the removal of 2FA from your account
  5. If you'd now like to re-setup 2FA on your account, follow the steps outlined here: Setting up two-factor authentication

Storing and using your recovery codes

Recovery codes are single-use and can be used to access your account in the event you lose access to your device and cannot receive two-factor authentication codes

Don't get locked out - store your recovery codes!

Upon completion of setting up 2FA inside the app, PocketSmith will give you some recovery codes; these are displayed in an orange box. It is imperative that you download or print these and keep them somewhere safe. A text file is available for download for convenience.

Warning
Don't lose your recovery codes!

PocketSmith Support cannot restore access to accounts with two-factor authentication enabled. If your phone is lost, broken or inaccessible, you will not be able access to your PocketSmith account unless you have your recovery codes. Be sure to keep your recovery codes in a safe place, so you're never locked out of your account.

Using your recovery codes if you lose access to your authentication app

If you lose access to your authentication app, you'll need to use one of your Recovery codes to regain access to your Pocketsmith account. To do this:

  1. Locate the recovery codes you downloaded when setting up 2FA on your account
  2. Sign in using your login details, and when the 2FA screen appears, click Use a recovery code instead 


  3. Enter your one-time recovery code exactly as provided and click Validate

    Be sure to include all dashes, for example 123456-123456-123456-1


Note

Each recovery code can only be used once.

PocketSmith will generate additional recovery codes as you use them and it's important to update your copy of your recovery codes if you have used one to sign in. You can download the updated codes by heading to Settings > Security > Two factor authentication. Confirm your password and click Show recovery codes, then click Download these codes


How to generate new recovery codes

If you've lost your previous recovery codes, or you suspect they have been seen by a third party, you can generate new codes:

  1. Head to your  Profile menu Security & integrations, then select Two factor authentication from the left menu
  2. Confirm your password, then click Show your recovery codes

  3. Click Generate all new recovery codes

  4. Once your new codes have been generated, click Download these codes. Your new codes will be downloaded as a .txt file - be sure to squirrel them away and keep them safe! 

FAQs

What if I don't want to be asked for a code each time I sign in?

You can choose to Remember your device for 30 days by selecting the checkbox on the two-factor code entry page. PocketSmith will store your device details, and you will not be asked for your two-factor code when signing in from this device for 30 days. After the 30-day period, you will need to enter your 2FA code again. 

Still need help? Contact Us Contact Us