Tillo Hub Two-Factor Authentication

Two-Factor Authentication (2FA) is an extra layer of security to protect your accounts. Instead of just entering a password, you will also need a second step to verify your identity. 2FA makes it much harder for hackers to access your account, even if they know your password.

💡

If you have lost access to your 2FA device and are unable to use a recovery code, please contact our Client Services Team.

 ⚠️

Recovery Codes must not be stored in a third party service, this includes Gmail and Google Drive. We recommend that you store them in a locked note on your company-provided laptop.

Setup Guide

Requirements

Before you begin setting up 2FA, you will need an authenticator app on your phone that generates a 6-6-digit PIN code each time you sign in. We have some recommendations below for both iOS and Android.

• Authy - https://www.authy.com/download/
• Google Authenticator
  • Android - https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2&hl=en_GB&pli=1
  • iOS - https://apps.apple.com/us/app/google-authenticator/id388497605
• Microsoft Authenticator - https://www.microsoft.com/en-gb/security/mobile-authenticator-app

Configuring 2FA

1. Log in to your Hub account and go to your User Profile. You can access this by clicking the User icon next to the Hint and Logout buttons at the top left of the Hub.

1. Click on the Two-Factor Authentication tab and click the blue “Configure” button to start the 2FA setup process.
2. You should now see a QR code on your screen with instructions to set up 2FA. Please open your 2FA app of choice and press the “+” button to scan the QR code using your phone's camera. You will only need to scan it once to begin generating 6-digit PIN codes.

1. After the QR code has been scanned, you should see a new item listed in your authenticator of choice, with a 6-digit PIN code next to it. Depending on the app you have used, your PIN code will be valid for 30 seconds. After 30 seconds have gone by, a new code will be generated, and the previous one will be invalid. The following screenshot is Google Authenticator, but it should be fairly similar across other 2FA apps.

1. Please enter the PIN code generated into the Verify input box below the QR code on the Hub and then press “VERIFY CODE.” If the code has been rejected, it has likely expired due to the 30-second lifetime of the PIN code.
2. You should now see a list of Recovery Codes on your screen inside the Hub. Recovery Codes allow you to access your account if you have lost access to your 2FA device. Copy and paste these codes to a safe location and do not share them with anyone. We recommend saving these on a locked note on your company provided computer.

1. After you have saved your Recovery Codes, click on the “I HAVE SAVED MY RECOVERY CODES” button to complete the setup process. You should have received a confirmation email informing you that 2FA is now set up on your account.

Using 2FA

Each time you log in to the Hub, you will now be required to input a 6-digit PIN code from your 2FA app after entering your email and password.

If the PIN code has been rejected, it has likely expired, and you will need to enter the new code generated by your 2FA app.