What is Enhanced Security?
Enhanced Security, otherwise known as two factor authentication (2FA) or multi-factor authentication (MFA), is an additional security measure you can add to your CoinJar that helps prevent it from being accessed by anyone but yourself.
How does it work?
Whenever you sign in with your email address and password, you'll be prompted to provide an authentication code that will be made available on one of your personal devices. Even if someone were able to obtain your sign in credentials, they would be unable to sign in to your CoinJar without having access to one of your Enhanced Security authenticators.
Should I use Enhanced Security?
We strongly recommend you utilise two factor authentication not only for your CoinJar, but for your email address and any other services you're signed up to that support it. Combined with a password manager to keep your passwords unique across all your services, two factor authentication is the most effective way of ensuring your personal data and digital assets aren't compromised.
Enhanced Security is also required when making high risk payments from your CoinJar - you'll be prompted to authenticate in order to complete the transfer. Please refer to our Knowledge Base article on keeping your CoinJar secure for more precautions you can take to minimise the risk of your CoinJar falling into the wrong hands.
Types of Enhanced Security
CoinJar supports TOTP and SMS authenticators. Although both offer a similar experience, TOTP is widely regarded as more secure, and is far less susceptible to third party threats.
TOTP stands for Time-based One-Time Password. When prompted for authentication, you'll be required to open an app on your mobile device such as Google Authenticator or Authy. These dedicated apps generate a new authentication code for your CoinJar every 30 seconds, which can then be used to complete authentication.
TOTP authentication can be completed anywhere you have an internet connection, so it's great for travelling or if SMS is unreliable for any reason. It's also fully encrypted, and never visible to any third party at any point. In contrast, SMS messages are not encrypted by phone providers, and can be susceptible to security threats such as port forwarding or interception.
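How an authenticator app and a service arrive at the same 6-digit code every 30 seconds, shown as an added example (not CoinJar's code). It assumes the RFC 6238 defaults (HMAC-SHA1, Unix time); the `verify` helper, its drift window and the sample secret (the published RFC 6238 test secret) are illustrative assumptions.

```python
import hashlib
import hmac
import struct
import time

STEP = 30    # seconds each code is valid for (stated on this page)
DIGITS = 6   # code length (stated on this page)
# Constructed sample: the published RFC 6238 test secret, not a real account secret.
SECRET = b"12345678901234567890"


def hotp(secret, counter):
    """RFC 4226: HMAC-SHA1 over the 8-byte counter, then dynamic truncation."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)


def totp(secret, now):
    """RFC 6238: the counter is the number of 30-second steps since the Unix epoch."""
    return hotp(secret, int(now) // STEP)


def verify(secret, submitted, now, last_used=-1, window=1):
    """Service-side check (hypothetical helper). Returns the matched step or None.

    window=1 tolerates one step of clock drift in either direction; last_used is
    the step of the last accepted code, so a code cannot be replayed.
    """
    if not (submitted.isascii() and submitted.isdigit() and len(submitted) == DIGITS):
        return None
    current = int(now) // STEP
    matched = None
    for step in range(max(0, current - window), current + window + 1):
        # Constant-time comparison, and no early exit once a match is found.
        if step > last_used and hmac.compare_digest(hotp(secret, step), submitted):
            matched = step
    return matched


if __name__ == "__main__":
    code = totp(SECRET, time.time())
    print("current code:", code)
    print("accepted at step:", verify(SECRET, code, time.time()))
```

Both sides compute the code independently from the shared secret and the clock, so the code itself is never sent to the device.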
With SMS Authentication, you’ll be sent an SMS to your device whenever CoinJar requires authentication. Enter this code into CoinJar and you’ll be able to proceed. SMS delivery can be slow and may be unreliable when travelling abroad or in areas with limited reception. SMS is also considered to be less secure than TOTP. If a third party is able to impersonate you, they can contact your mobile carrier to arrange for your mobile number (and SMS messages) to be redirected to their own SIM card/phone. Additionally, because SMS messages are unencrypted, maintenance personnel and any number of other internal team members at your mobile carrier can access your SMS content.
Adding Enhanced Security to your CoinJar
To add a TOTP authenticator app:
- Install a TOTP app on your personal device, such as Google Authenticator or Authy.
- Sign in to the Enhanced Security section of your CoinJar's Settings and select 'Add new device'. Choose 'Configure authenticator app', enter a name for your device, and confirm.
- You'll be provided with a QR Code in your CoinJar to complete the setup. Using your TOTP app and your mobile device's camera, scan this QR code to proceed.
- Finally, authenticate for the very first time by opening your TOTP app and entering your 6-digit verification code into the CoinJar website when prompted.
To add an SMS authenticator:
- Sign in to the Enhanced Security section of your CoinJar's Settings and select 'Add new device'. Select 'Configure SMS', enter your mobile number, and choose a name for your device.
- You'll be sent an SMS to your mobile number with a reference number.
- Enter the number into the CoinJar website and select 'Complete setup' to add this as your Enhanced Security device.
How many Enhanced Security authenticators should I add?
At least one authenticator will greatly improve the security of your CoinJar. Additional authenticators can be added, and they will have the same power as your initial Enhanced Security authenticator. This gives you the flexibility of choosing which authenticator you'd like to use when signing in, and also ensures you have a backup device in case your typical authenticator is inaccessible or lost.
Please consider that multiple authenticators also increase the number of possible access points for your CoinJar. You should always review the security of your personal devices when adding new authenticators, and it's important to properly manage your Enhanced Security when upgrading/retiring devices.
Removing an Enhanced Security authenticator
Provided you still have access to at least one of your authenticators, you can sign in to your CoinJar's Settings at any time to remove an inactive or inaccessible authenticator.
If you no longer have access to any of your authenticators, CoinJar can manually remove Enhanced Security from your CoinJar. Please refer to our Removing Enhanced Security from your CoinJar article for further details.
Updated: 21 Mar 2019 (AS)
Reviewed: 21 Mar 2019 (AS)