Multi-factor authentication available to secure your BioID account
For additional protection you can now protect your BioID account with multi-factor authentication! It's easy and flexible, simply log in using any two factors: biometrics, password or a one-time security code delivered via TOTP authenticator app, SMS text message or email. You can even have BioID remember trusted devices and browsers so that multi-factor is only required when the device/browser is not recognized.
This also provides a secure fall-back: in case you forget your password, for instance, you can still log in with biometrics and security code.
To set up multi-factor authentication, you ill need to have your biometrics enrolled and at least one of the possession factors (authenticator app, phone, email) set up and confirmed. All of this can be done from your profile page. Then go to the multi-factor authentication settings page. At the bottom right select "switch to multi-factor".
Now, the next time you log in you will be required to present two factors.
Enter your username and password, then you are sent to biometric verification. If it passes you are logged in; if not a security code is sent to your method of choice.
Or alternately, leave password blank, you'll be sent to biometric verification. If it passes a security code is sent to your method of choice.
The security code is sent to one of the following:
- Your TOTP app if you have an app synced, else
- Via SMS text message if you have provided your mobile phone number, else
- To your registered email address.
If you are using the BioID Web Service to provide authentication for an application you develop or operate, this is also a useful model to consider if you're thinking about offering multi-factor authentication.