New: Two-factor authentication for your user account
There are more and more security features, especially in online shops. While a semi-secure password used to be enough to protect yourself from cybercriminals, single-factor authentication is considered a risk nowadays. With two-factor authentication (2FA), we’ve added a further security layer to our login process.
We’ve implemented the possibility to activate 2FA in your personal account. With this feature, you need your username and password as well as a one-time access code to log into your account. This access code is generated in real time from an app on your smartphone and expires after use. The two factors in this case are: 1. You know your password and 2. You have access to your smartphone.
As we support OAuth standard, there are several possible apps you can use to generate this access code. Google Authenticator, offered for iOS, Blackberry and Android, is one option. You’ll have to link your user account to the app when you set up 2FA (by scanning a QR code or entering a key). Once configured, you will not be able to log into your account without your smartphone. However, you’re given a list of backup codes, which you need to print or save in a safe place.
How to configure 2FA for your account
- Log into your account and go to user account
- The last item in the list is called Two-factor authentication*
- Initiate the activation process by pressing the button
- Open the authentication app and scan your personal QR code. Alternatively, use the security key that’s presented below.
- Your app will generate a six-digit code. Type this code into the field on the right.
- We give you access to ten one-time backup codes that you need to print or save. Use them (one at a time) if you have no access to your phone or if you’ve reinstalled the app.
- Once you’ve confirmed that you’ve printed or saved the backup codes, the process is completed.
- 2FA is now activated for your user account
You can generate and print new backup codes or deactivate 2FA any time in your user account. If you have no access to the app or your backup codes, you need to contact our customer service and identify yourself before you can log into your account again. If you have a new app or smartphone, log in with a backup code, deactivate 2FA, activate it again and link the app to your account by following the steps described above.
Do you have any questions or feedback regarding this new feature? We’re looking forward to your comments.
Head of Digital Marketing and Media Planning, Zurich