What is Two-Factor Authentication?
Two-factor authentication (2FA) exists for your protection. It adds an extra layer of security when logging into your LetkoBrosseau client portal.
Thanks to 2FA, your account is protected even if your password is stolen. This is particularly important if you reuse variations of the same password from site to site. If a password is your only protection (no 2FA activated) and a single one of those other sites falls victim to a data leak, the security of all your other accounts on other sites would be greatly compromised.
With 2FA active, your account and data at LetkoBrosseau remains strongly protected at all times.
How does Two-Factor Authentication work?
The 2FA approach relies on 2 separate factors to protect an account:
- knowing the login information (username and password)
- having access to the 2FA device (typically a smartphone)
After identifying yourself using your username and password, you will be prompted to provide a 6-digit 2FA code. This code will be provided to you on your 2FA device. Because this security code is only valid for a short period of time (unlike your password), it is very hard for someone else to "steal" such a code and use it before it expires.
What are the Two-Factor Authentication options?
LetkoBrosseau offers 3 ways to receive your 6-digit 2FA codes:
- Dedicated authenticator application: this is the most secure option. It requires having a smartphone and downloading a mobile application. Every time you log into the LetkoBrosseau client portal with your username and password, you will need to also open the application on your smartphone to find the 2FA code. You then type that code into the client portal to gain access.
- Text message (SMS): this is a secure option. It does not require a mobile application, so any mobile phone that can receive text messages (SMS) will work. After logging into the client portal, you will receive the 2FA code by text message that you will type into the client portal to gain access.
- Automated telephone call: this is a secure option. All it requires is a direct phone number (no extension code). This means it is a 2FA that can work with or without a mobile phone. After logging into the client portal, your phone will ring. It is an automated voice call that will tell you the 2FA code to type into the client portal.
Each option has its advantages and disadvantages as seen above. The best 2FA method for you is the one you will consistently use. It is considered safer to keep 2FA active at all times than to cycle it on/off.
Ready to activate your 2FA?
That's great! Click on the link below that corresponds to the method you prefer: