What is two-factor authentication and how do I set it up?
Two-factor authentication (2FA) adds an extra layer of security to your account. It does this by combining something you already know (your login or personal details) with something you physically have access to (your mobile number, email, or smartphone via an authenticator app). Using 2FA means that if your password falls into the wrong hands, your account remains protected.
To set up 2FA on your account, you’ll need to set this up yourself. Simply log into your account and visit your security settings. There, you can choose how you'd like to receive your one-time codes – by text, email or an authenticator app.
Here are some apps you can use:
- For Android, iOS, and Blackberry: Google Authenticator
- For Android and iOS: Duo Mobile
- For Windows Phone: Authenticator
To set up 2FA on the mobile app, log in and go to ‘Profile and settings’, ‘Account settings’, ‘Authentication and security’ and select ‘Two-factor authentication’.
We will also use two-factor authentication:
- Whenever you log in using a new device or browser. We send a one-time code to your chosen method of communication. You'll be sent this six-digit code to enter each time you log in to your account on a new device. If you don’t receive your one-time code, you can request another by choosing 'Send me another code' or clicking 'Send my code another way' to switch methods.
- When you update personal details on your account. We’ll send a one-time code to ensure that any changes to your personal details are genuinely made by you. This includes things like bank details or a change of address. Please ensure your contact details are up to date when requesting a one-time code. It's valid for ten minutes from the time it's sent and if it expires, you can request a new one.
Your security is important to us. Take a look through our security centre to find out what we do to protect you, tips on how you can protect yourself as well as information on known threats and scams.