What is Enhanced Security?
Enhanced Security, otherwise known as two factor authentication (2FA) or multi-factor authentication (MFA), is an additional security measure you can add to your CoinJar that helps prevent it from being accessed by anyone but yourself.
How does it work?
Whenever you sign in with your email address and password, you'll prompted to provide an authentication code that will be made available on one of your personal devices. Even if someone were able to obtain your sign in credentials, they would be unable to sign in to your CoinJar without having access to one of your Enhanced Security authenticators.
Should I use Enhanced Security?
We strongly recommend you utilise two factor authentication not only for your CoinJar, but for your email address and any other services you're signed up to that support it. Combined with a password manager to keep your passwords unique across all your services, two factor authentication is the most effective way of ensuring your personal data and digital assets aren't compromised.
Enhanced Security is also required when making high risk payments from your CoinJar - you'll be prompted to authenticate in order to complete the transfer. Please refer to our Knowledge Base article on keeping your CoinJar secure for more precautions you can take to minimise the risk of your CoinJar falling into the wrong hands.
Types of Enhanced Security
CoinJar supports authenticator apps and SMS authentication. Although both offer a similar experience, authenticator apps are typically regarded as more secure, more reliable, and less susceptible to third party threats.
Authenticator app (TOTP authentication)
TOTP stands for Time-based One-Time Password. When prompted for authentication, you'll be required to open your authenticator app on your mobile device. Apps like Google Authenticator or Authy generate a new authentication code for your CoinJar every 30 seconds, which can then be used to complete authentication.
Authenticator apps have the benefit of being used anywhere you have an internet connection, so it's great for travelling or if SMS is unreliable for any reason. It's also fully encrypted, and never visible to a third party at any point. In contrast, SMS messages are not encrypted by phone providers, and can be susceptible to security threats such as port forwarding or interception.
With SMS authentication, you’ll be sent a SMS to your device whenever CoinJar requires authentication. Enter this code into CoinJar and you’ll be able to proceed. SMS delivery can be slow and may be unreliable when travelling abroad or in areas with limited reception. SMS is also considered to be less secure than authenticator apps. If a third party is able to impersonate you, they can contact your mobile carrier to arrange for your mobile number (and SMS messages) to be redirected to their own sim card/phone. Additionally, because SMS messages are unencrypted, maintenance personnel and any number of other internal team members at your mobile carrier can access your SMS content.
Adding Enhanced Security to your CoinJar
- Install an authenticator app on your personal device. Some popular examples include Google Authenticator or Authy.
- Sign in to the Enhanced Security section of your CoinJar's Settings and select 'Add new device'. Choose 'Advanced (app-based)', enter a name for your device, and confirm.
- You'll be provided with a QR Code in your CoinJar to complete the setup. Using your authenticator app and your mobile device's camera, scan this QR code to proceed.
- Finally, authenticate for the very first time by opening your authenticator app and entering your 6-digit verification code into the CoinJar website when prompted.
- Sign in to the Enhanced Security section of your CoinJar's Settings and select 'Add new device'. Select 'Configure SMS', enter your mobile number, and choose a name for your device.
- You'll be sent a SMS to your mobile number with a reference number.
- Enter the number into the CoinJar website and select 'Complete setup' to add this as your Enhanced Security authenticator.
How many Enhanced Security authenticators should I add?
Having at least one authenticator at all times will greatly improve the security of your CoinJar. Additional authenticators can be added, and they will have the same power as your initial Enhanced Security authenticator. This gives you the flexibility of choosing which authenticator you'd like to use when signing in, and also ensures you have a backup device in case your usual authentication method becomes inaccessible or lost.
Please consider that multiple authenticators also increase the number of possible access points for your CoinJar. You should always review the security of your personal devices when adding new authenticators, and it's important to properly manage your Enhanced Security when upgrading/retiring devices.
Removing an Enhanced Security authenticator
Provided you still have access to at least one of your authenticators, you can sign in to your CoinJar's Settings at any time to remove an inactive or inaccessible authenticator.
If you no longer have access to any of your authenticators, CoinJar can manually remove Enhanced Security from your CoinJar. Please refer to our Removing Enhanced Security from your CoinJar article for further details.