Hey everyone —
Two-factor authentication is now re-enabled on the website.
It’s been a long time since it was turned off, due to various issues with our hosting provider, the outdated theme we use, GDPR, Google’s Captcha, legal “data collection” things that we didn’t want to get in the middle of, etc., but all of that is finally behind us, so now it’s back on.
This is a good thing, and we’ve always wanted to have two-factor as a default, as well for us to push it regularly, since 2FA is something *everyone* should always use in crypto. Think of it as a proving grounds for students to ease into the “real world” if they were new.
Here’s how it works
When you log into our website, if you don’t have your mobile code set up (and most of you do not), you should quickly receive an email with a one-time code that you must use to continue your login. Type that code in, and then you’ll be go through a two-factor setup wizard.
First, you’ll have little blurb explaining what two-factor is, and then a page letting you set up how you want two-factor to work for your account.
If you’re a student, you do not have to have two-factor enabled, but we highly recommend it. You can disable email and backup codes as it says, by clicking “disable”. However, we encourage everyone to enable two-factor as this will help get you in practice of good security habits, if it’s new to you.
Once you click Continue on the Setup Two-Factor notice, you will be able to choose which method(s) you want enabled.
Set up Mobile App using Google Authenticator (recommended) or Authy (less recommended, but better than nothing) by clicking the “>” on the right. If you enable Mobile App, then the email and backup codes become backup methods if you don’t have your Mobile App with you. You can click the “>” icon to download or display the backup codes one time – write them down and back them up so you can have them available. We recommend a password manager, secure notebook or whatever fits in your security posture.
Once you’re set up, you’ll be able to login with two-factor, and have email and backup codes as a backup based on what you have selected.
If you want to make changes to your two-factor setup, you can do so from your User Profile page. We will continue to make this easier in the future – we know this isn’t always the easiest thing to access.