FAQ Q286: Can I use 2-factor authentication for increased security?

We highly recommend using 2-factor authentication for Planyo (as well as any other cloud services). This technology makes it impossible for hackers to break into your account even if they learn your login and password because in order to perform a successful login, a verification code must be entered as well. This verification code is generated by an app on your mobile device and changes every 30 seconds. It's important to keep the code generator app on a different device so that even when one device (your computer) is fully compromised, there's no way to learn the verification codes.

You can add 2-factor authentication to your planyo account by following the link on your user settings page (or click here). Please note that this is only possible if you have a planyo login and password (and not when logging in via OpenId, Google login or Facebook login). Planyo uses Google Authenticator for the highest security possible and because of a large number of devices/targets it works with. For highest security, you should install Google Authenticator or a Google Authenticator compatible app on your mobile device. If you don't use a smartphone or a tablet, you can still install a Google Authenticator-compatible app as a desktop application or as a plug-in for your browser although this is NOT recommended -- if the security of your computer is compromised, the attacker might be also capable of reading your verification codes. Once your Google Authenticator app is installed, all you need to do is scan a QR code shown to you by planyo and then confirm the synchronisation by entering a correct 6-digit verification code.

2-factor authentication will respect your setting 'Remember me on this computer'. This means that if this option is selected when you log in, you'll only need to enter the 6-digit verification code once. It is therefore important to use this option only on trusted computers noone else has access to and whose access is restricted by a password. If you leave your desk for a longer time, remember to lock your computer.

If you no longer have access to the device you used to generate the 6-digit verification codes (e.g. your mobile phone was lost or you bought a new one), you can go to this page in order to start the process of removal of 2-step authentication from your account. This will require clicking on a link sent to your email address.

Google Authenticator for iPhone or iPad | Google Authenticator for Android | Google Authenticator for BlackBerry | Windows Phone (Google Authenticator-compatible)
Back to Frequently Asked Questions