Two-factor authentication

Updated 7 months and 4 weeks ago

Two-factor authentication, or 2FA for short, is a great way to secure your account. We encourage everyone to enable it, not just at omg.lol but everywhere.

What is it?

Traditional authentication relies on just one factor, like a password. If your password is compromised, there isn’t much standing between an attacker and your private information. By introducing a second factor into the authentication process, account security is increased substantially.

The ideal 2FA setup involves something you know (like a password), and something you have (like a key, token, or one-time use code).

How does it work?

We use one-time password (OTP) codes for 2FA at omg.lol. Specifically, TOTP (or time-based one-time passwords). These are codes generated by an authenticator app that have a limited life span, which adds to the security. Even if an attacker somehow obtained your password and an OTP code, they’d have a limited amount of time to use the code before it expired.

To get started, you’ll need an authenticator app. There are plenty out there for all platforms. (We recommend using the one that’s built into 1Password, our favorite password manager.)

Then, in the Two-factor authentication section of the account settings screen:

1. Scan the QR code with your authenticator app. (If you can’t scan it for some reason, you can use the code instead.)
2. When your authenticator app provides a six digit code, enter it in the provided field on the account settings screen and then click the button.
3. Store the provided backup codes safely; you’ll need them in the event that you lose access to your authenticator.

From this point forward 2FA will be enabled, providing the highest level of security for your account. You’ll provide a unique code from your authenticator app with each sign-in, and you’ll sleep well at night knowing that your account is super secure!