On TrendSpider, you can set up Two-factor Authentication (2FA) to better protect your account. If you have 2FA enabled, then signing in to your TrendSpider account will not only require knowing your login and password, but will also require you to provide a one-off code obtained via one of the methods we support.
By default, 2FA is not mandatory. However, we're aiming to make it mandatory sooner rather than later. The 2FA methods we support are as follows:
- SMS
- Time-based one-time password (TOTP). That is, applications like Google Authenticator, Authy, and so on
Once you enable at least one method, every time you log in, we'll ask you to pick which 2FA method you want to use (of those you've enabled) for that login attempt. This means that you can have, for example, both TOTP and SMS enabled, and then any time you log in, you can decide whether you want to use SMS or a TOTP at that moment.
In order to enable 2FA, navigate to your account settings dialog, then open the Security tab. That's where you can pick which 2FA methods should be enabled for your account. Once you enable at least one 2FA method, you won't be able to get back to a state of "no 2FA at all": you'll have to have at least one 2FA method enabled at all times.
Limitations
- 2FA codes do expire. SMS and Email codes expire in 2 minutes. TOTP code expire in 1 minute.
- You can't request a new code for the a 2FA method in case if there's still a code (for that method) which has not expired. You should wait for a your previous code to expire in case if you want to issue a new code.
- We have seen cases when SMS codes are marked as spam by the phone operating system. We've seen that both on iOS and Android. Please check your phone SMS Spam folder if you did not receive the code.