What is Two-Factor Authentication?

Two-Factor Authentication is a security feature that requires you to provide an additional 7-digit code generated by the Authy App, or sent to your phone, whenever you log into your account.

For more information on how you can get started using Two-Factor Authentication, please visit our User Guide.

How is this release of Two-Factor Authentication different from the previous version?

The previous version of Two-Factor Authentication would generate a 6-digit token delivered to your mobile device via SMS. You would then be required to submit this token to finish logging in. The functionality of the latest release of Two-Factor

Authentication remains largely the same. However, it now supports the use of the Authy App to generate a 7-digit authentication token.

You may still resort to SMS if you encounter problems with the Authy App.

Furthermore, the latest Two-Factor Authentication release also allows you to create multiple configurations so that you can authenticate with more than one device.

Can I get locked out of my account by using Two-Factor Authentication? If this happens, how can I regain access?

It is possible to lock yourself out of your account when using Two-Factor Authentication. Here are a couple of situations to be aware of:

  • You lose your device configured with Authy, or your device runs out of power.
  • You choose to only use SMS when retrieving authentication tokens, and you do not have cellular service.
  • You choose to use Authy and SMS but have neither cellular service nor WiFi.
  • You have a shared SendGrid account, but only one user has a mobile device configured with Two-Factor Authentication.

If you find that you’ve lost access to your account as a result of Two-Factor Authentication, please reach out to the Authy Support Team.

Can I use Two-Factor Authentication with multiple user credentials?

You can create multiple configurations of Two-Factor Authentication, allowing you to use more than one mobile device to authenticate when logging into your account. However, you cannot create multiple, distinct Two-Factor Authentication configurations to be used by multiple credentialed users.

The interaction between Two-Factor Authentication and multiple credentialed users has remained unchanged in the latest release. If Two-Factor Authentication is enabled and any multiple credentialed user attempts to log in, a notification will be triggered on the main credentialed user’s mobile device.

Will my multiple user credentials be supported on Two-Factor Authentication?

Yes! Multiple user credentials can choose to have their own individual two-factor authentication.

What happens if I repeatedly attempt to log in with an invalid token?

You may make no more than 3 requests to log in per minute. If you exceed this rate limit, you will receive a 503 Error response. Multiple unsuccessful attempts to log in will result in locking your account for a brief period of time. This time period will increase in duration as you continue to make unsuccessful login attempts.