Two Step Verification

This page discusses Two-Step Verification. It is a Profile Preferences option which you may enable on your account.

Two-Step Verification

Two-step verification increases the security of your account by requiring you to provide an additional code to complete the login process. If your password is ever compromised, this verification will help prevent unauthorized access to your account.

Two-step verification, also known as two-factor authentication (or simply as 2FA), requires you to provide two pieces of information to login. The general form is expressed as "something you know and something you have". "Something you know" is your password. "Something you have" is the new part, your code. You may have seen this with other services such as Google accounts, banks, etc. 2FA has been around in one form or another since the 1960s. When you use an ATM machine, for example, it requires your PIN (something you know) and your card (something you have).

You may opt-in and enable Two-Step Verification at any time. It is not a requirement that you do. You can later disable it if you wish. When you choose to enable it, you will be asked for your password to continue, and then will be presented with either an app option or an email option. The app option is better, because if someone else has access to your EO account, they probably also have access to your email. With the app option, you install an authentication app such as "Google Authenticator" or "Authy" and add as an account to the app. When setting up the 2FA feature, you'll see a QR Code barcode for the app to scan (or you can just manually enter the code that is displayed under the QR code on the screen). After that's been done, whenever you log in to EO and the second factor code is required, a code will be sent to the app on your phone, which you will then enter to complete the login process.

If you check the box to trust your device for 30 days, you will only be prompted once a month to enter a new code. When it happens, you open the app on your phone and you will immediately see the Code required for EO. Just enter that Code into the login. The Code is 6 digits.

When you set up Two-Factor Authentication, Backup Codes will be generated. If you lose access to all of your two-step verification methods (the app isn't working, you've uninstalled it, you just got a new phone, etc.), the Backup Codes are generated for this exact situation. Each Code can only be used once, but each Code is the same as if one was went to you. However, this does require printing them out or saving them once they're generated, so you should do that. If you still have access to your account, you can disable two-step verification at any time, as well. As the last resort, an Admin can disable two-step authentication for you so you can get back online.

Enabling/Disabling Two-Step Verification

Managing Two-Step Verification is a pretty straightforward process. You can enable or disable it, and generate new Backup Codes. This is done via your Account Preferences page, or use this link.