Enabling 2FA sign-in on your Hover account

Two-factor authentication (2FA) sign-in provides an extra layer of security for your Hover account. It requires you to enter a unique six-digit authentication code sent to your phone in addition to your usual Hover username and password whenever you sign in to your account.

Important: 2FA is now a mandatory feature and cannot be disabled. If you disable your app, this will be replaced with the email-based 2FA until you re-enable either the app. 

Two-step sign-in overview

Hover supports 2FA login with the support of the mobile app. To take advantage of the app, you must have a mobile device to run one of the supported mobile authenticator apps.

If you install one of the supported authenticator apps on your mobile phone, the six-digit code is generated by the app on your phone. When you enter your username and password to sign in to your Hover account, a prompt will appear where you can enter that code.
Any popular authenticator app for your smartphone that supports a Time-based One-time Password (TOTP), like Google Authenticator or Microsoft Authenticator, will work with Hover. Most are free to download.

Back to top

SMS 2FA deprecation information

We're starting the process to deprecate the use of SMS as a two-factor authentication (2FA) method.
Users won't be able to choose SMS for 2FA and will instead only have the App method available. If you already use SMS 2FA, you can continue to use it for now, but if you disable it, you won't be able to re-enable SMS 2FA.
SMS is less secure than the App method, and SMS is getting increasingly more expensive and unreliable as carriers limit sending of SMS due to abuse.

Back to top

Enabling two-step sign-in from a mobile app

  1. Sign in to your Hover control panel using your current method of 2FA.
  2. Click on Settings from the top navigation bar.
    settings.png
  3. Located on the left-hand side of the dashboard is the two-step sign-in toggle. Turn this on. 
    6.png
  4. Click the use an app text button, then click Next step.
    7.png
  5.  Scan the QR code on the Hover account screen, use the secret key, and select Next step.
    8.png
  6. Retrieve the code and enter it in the designated field on the Hover Settings page, then click Enable two-step sign-in.
    9.png
  7. A confirmation message appears that also provides you with a recovery code. It is essential to keep this code in a safe place. Once you have written it down, select OK, I've written it down.
    Note: This code is the only way to access your account if you cannot use your authorization source. Support cannot disable the two-step sign-in without additional verification for security reasons. 

    10.png

Back to top

Disabling two-step sign-in

Uninstalling the app from your phone is not enough to disable two-step sign-in. You will need to follow these steps to disable the two-step sign-in fully. 

  1. Sign in to your Hover control panel using your current method of 2FA.
  2. Click on Settings from the top navigation bar.
    settings.png
  3. Slide the toggle to turn the Two-step sign in off.
    16.png
  4. Enter your account password in the text box, then click Disable two-step sign-in.
    12.png

Back to top

Using your recovery code

If you can not access your authorization code, you must use the sixteen-digit recovery code given when you enabled a two-step sign-in. You can use this code to log in to your account when you cannot access the code sent via authenticator. When you use the recovery code to sign in to your Hover account, two-step sign-in is automatically disabled.

  1. Sign in to your Hover control panel.
  2. A prompt will appear to add your authentication code. Select I can't use my authenticator app, or I've lost my phone. 
    Note: The prompt depends on whether you enabled two-step sign-in via the Authenticator App. 
    13.png
  3. Enter the recovery code and click Continue.
    15.png

Back to top

Getting a new recovery code

  1. Sign in to your Hover control panel.
  2. Click on Settings from the top navigation bar.
    settings.png
  3. Under Security, click on Recovery code.
    16.png
  4. Click Regenerate recovery code in the popup window.
    17.png
  5. Your new recovery code is displayed; write it down and keep it somewhere safe. Your old recovery code is instantly made invalid.
    18.png

 Back to top

Was this article helpful?

Still need some help? Submit a Request.