2-Factor Authentication

2-Factor Authentication

In line with the recommendations of the UK Government’s National Cyber Security Centre, Safe4 have implemented 2-Factor Authentication (2FA) to replace the PIN on user accounts. As a user, this can be applied to your account either through your own decision to apply 2FA in your settings, or it can be enforced by the provider account or vault that you have been given access to.

Opting to enable 2FA in your own account

Click your username in the dark band at the top right of the screen and select the My Account option. This will display your account details:

Click the Enable 2-Factor Authentication button as shown. This will open a window requiring registration of a mobile phone number against your account:

The country code will default to +44 for the United Kingdom. This can be edited to show the appropriate country code for your location.

The number of the phone you wish to associate with your account should be entered into the Mobile Number field. This can contain a leading zero, spaces and hyphens if you wish. The number you enter will be recorded in the appropriate field in your My Account settings.

After clicking the OK button as shown above you will be sent a code by text to your device to complete the registration of your phone number:

After this authentication code has been entered, a further code will be sent to allow you to login to Safe4. After you have logged in, the authentication code will have a life of 24 hours, so no further codes will need to be entered during this period.

Please note that the authentication code will also be sent to your email address. This will accommodate situations where no mobile signal is available, if you do not have access to your mobile phone when you are logging into Safe4, or if you are located in a territory where receipt of SMS or text messages from the UK is not allowed.

If you wish to enter the My Account settings, you will be challenged to enter an authentication code. This will be sent to your device when you click My Account. This will only be required once during any login session.

Enforced 2-Factor Authentication

If you are required to utilise 2FA by the settings on the provider account or vault you need to access, the process will be the same as described above, except that you will not need to initiate the process from your My Account area. When you attempt to access the vault requiring 2FA you will receive the phone number registration prompt as shown above. After this the process will be the same as described.