Install & use the two-factor authentication (2FA) by Futurae

What is Two-factor authentication by Futurae?

Two-factor authentication (commonly known as 2FA) by Futurae is an innovative way to secure your sensitive data and protect you against access threats and to confirm a user’s identity by using a combination of two different factors.

It replaces the SMS security code that is required for every authentication and prevents you from depending on your provider's coverage.

Why using the Two-factor authentication?

For security: to mitigate the risk of unauthorized access to a Sherpany account, a second factor - besides the password - is required in order to authenticate for the Sherpany application and reinforce the sensitive data security. This second step is quick an easy, and only you are allowed to access your account with your own mobile.

How does it work?

Our 2FA is using a secure mobile app called Futurae, to deliver push-based notifications so that you can with a single tap "Approve" or "Reject" an action.

Push Notifications

A push notification is sent directly to your device, notifying you of an authentication attempt in progress. You can open Futurae app via the push notification or enter the app directly to approve or deny the authentication attempt with one touch.

Secure Communication

All communication between the Futurae API and the user's smartphone is encrypted end to end, using strong cryptographic libraries.

How to set up the 2FA on the web environment?

To be able to use the Two-factor authentication in Sherpany, you must follow these steps:

1. Log in to Sherpany on the web environment
2. Go to your Profile settings
3. Select "Security" and "Set up Device"
4. Then follow the instructions, having your smartphone close to you

How to set up your device with the 2FA?

When you arrive to the part of the set-up where you need to use your phone, please follow these steps:

1. You receive an SMS from your Sherpany account during the Set-up of your device
2. In the SMS you will find a link to download the Futurae App from your App store
3. Once the app is installed, you can go back to the web and try to log in again
4. This will trigger a notification to your Futurae app
5. Click on the notification or go to Futurae and authenticate yourself.

How to remove the 2FA from your device?

Your Futurae app is always linked to the device you set up, it means that if you change your phone, you must first disconnect it from the Two-factor authentication.

You can do that in any device, iPhone, iPad, Android phone, Windows Surface and also on web.
You just need to:

1. Go to your Profile settings
2. Select "Security" 
3. Then you will see your device followed by "Remove" (or "change device" if you need to do so).
4. Click on it and confirm both on your web environment and Futurae app on device.

After that, on your next login, you will receive the SMS security code on your new phone and once you're in, you can set up the Two-factor authentication again.

What to do If you see “list is empty”

If you see “list is empty” and you have a new phone, just follow steps from this article to setup Futurae.

What is Tap to Approve?

Tap to Approve is a One touch authentication used with a push-based notification so that you can with a single tap "Approve" or "Reject" a connection.

How to use it?

With the 2FA installed, when you log in, a signal is sent to your Futurae app for you to Tap to Approve the connection. You have 30 seconds to do so. When the time is up, you no longer have the possibility to use Tap to Approve, but you will be asked to enter the TOTP (Timed One-Time Passcodes) instead. You can also directly choose to switch to TOTP by selecting "offline verification" if you don't want to use Tap to Approve, and add the six-digit code that you can see in your Futurae application.

What is a TOTP?

The Timed One-Time Passcodes or TOTP is a temporary security code that allows you to log in to Sherpany, it substitutes the Tap to Approve function in Futurae app.

How to use it?

The codes are generated every 30 seconds on the Futurae app. When the green bar becomes red, it means the time is almost up.
Then, another code is automatically generated for another 30 seconds and so on.

You just need to insert it in the login page before the time is up. If for some reason you are having trouble with the TOTP, you can also request an SMS security code.