How to use two-step verification to log into your SiteGround account
Table of Contents
Two-step verification is one of the easiest and most secure ways to protect your data against hacking and identity theft. Until recently, a username and password were deemed sufficient to secure your account. However, single-factor authentication makes it easier for hackers to compromise your account.
According to a report by SANS, single-factor verification leaves a massive vulnerability in your account security. This can lead to significant financial and data losses as well as legal compliance issues.
That is where 2-step verification, providing a second layer of security, comes to the rescue. Read on to learn more about it, how to enable two step verification or how to disable it, why you should use it, and how to troubleshoot issues with it.
When this verification is turned on, in addition to entering your username and password, every time you log in, you trigger a secondary authentication. This code is the second factor of verification, and an application on your smartphone generates a new one every 30 seconds.
Thus, when you enter your username and password, you’re only able to login after entering the security code. Therefore, your data is still secure, even if one of the two factors is compromised.
Why should you use a two step verification login?
Fraudsters may use techniques like email spoofing, brute-force attacks, and malware infections, to gain access to your account. As we mentioned before, nowadays a cybersecurity attack can come even from not-so-tech-savvy hackers. Pairs of credentials are sold on the Dark Web daily, which gives hackers even more opportunities to harm you.
With your password in the hands of a hacker, you can end up in all sorts of trouble. A password breach allows a hacker to perform an account takeover (ATO) and impersonate you for various malicious purposes.
Therefore, you need to enhance your security settings to protect your account.
So far, multi-factor authentication is the best solution against such security breaches. With the second security layer it adds, even if your password is compromised, your account cannot be taken over, as the second factor isn’t present to complete the verification. This way two factor authentication protects you from identity theft and account takeovers.
How to turn on two factor verification for your SiteGround account
Securing your account with two-step login is a quick and straightforward process that improves your protection against hacking and identity theft.
Enable two-factor login & start generating codes
To turn on two step verification, go to your profile icon in the top right of your Client Area header and click on Login & Profile.
Navigate to Security > 2-Step Verification and click on Enable.
There are several steps you need to follow before you successfully enable two-step verification for your account. At any point in the process, you can go back to a previous step if you need to check or verify the information you have provided.
Download the authenticator app to your smartphone
SiteGround uses the Time-based One-time Password protocol to operate our two-factor login mechanism. To use it with your account, you need an app that supports this protocol. There is a compatible application for every major smartphone platform, and some of the most popular include:
- Google Authenticator (Android/iPhone/BlackBerry)
- Duo Mobile (Android/iPhone)
Download and install the app of your choice to your smartphone. It is worth mentioning that most people use Google Authenticator as it works with your Google account. After signing in to Google, the app on your phone starts generating one-time security codes for your SiteGround account.
Once you are ready, click Next to proceed with the next steps of the setup process.
Add your SiteGround account
On this step, you’ll see a unique Barcode (also called a QR code) and Secret generated for your account. Open the application you downloaded in the previous step and select the option to add a new account. Select Scan barcode on your phone and use the camera to scan the code provided in your SiteGround Client Area.
If you cannot use your camera to scan the QR verification code, add your account manually with the Manual Entry option. Type a name for your account and enter the Secret provided next to the QR code in your SiteGround account. If you are using Google Authenticator when manually adding an account, choose a time-based password rather than a counter-based. After you enter the Key manually or scan the QR code, click Next to proceed.
Confirm successful activation
Once you have successfully added your SiteGround account to the authenticator app, you will see a code that changes every 30 seconds.
Enter this code in the Enter Security Code text field and click Next.
The last step of the setup process is verifying the phone number you’ll use as a backup to your authenticator app. Enter your phone number in the required field and click the Send button. After a few seconds, you’ll receive an SMS code on the provided phone number to complete the activation.
Note that once you complete this step, the two-factor login is active and you will need to provide the code from the authenticator app to verify your identity.
How to log into your SiteGround account using 2-step verification
Go to your Client Area and log in, as usual, using your account username and password. You will be asked to enter the code from the authenticator app.
Open the authenticator app on your phone and find the code currently generated for your account. Enter it in the available field and press Login to enter your account securely. Note that on different devices and applications the code may appear with spaces between the digits. You need to enter the code without these spaces when logging in to My Account.
How to remove two-step verification
To remove two-step verification from your SiteGround account navigate to the Login & Profile part of your Client area. Scroll down to the Security section and check the available options.
Review and reconfigure two-step verification
When your two-step authentication is active, you can revisit the interface under Login & Profile in your Client Area to configure the different options or turn off 2-step verification altogether.
There are three options under 2-Step Verification:
- Add Extra Device – If multiple people access your SiteGround account, all of them need to add SiteGround to their authenticator apps. To add more devices, click the Add Extra Device tab and scan the QR code. Alternatively, you may add the account manually using the Secret code. When adding the account on additional devices you don’t need to confirm by entering the code on the next step since two-factor login has already been enabled for your account.
- Edit Backup Phone – This option allows you to edit the backup phone as well. You can use your primary phone (the one with the authenticator app on it) or another phone number (for example that of a close relative) to use in case you lose your phone.
- Disable – You can use this option to turn off two factor authentication. A pop-up will appear asking you to confirm that you would like to have the service disabled. Click Confirm and the 2-step verification will be disabled. You will then be able to access your account with only your regular SiteGround username and password.
Troubleshoot problems with two-factor login
If you don’t have access to your authenticator app/phone and cannot log in, click on the button “Can’t get your code?”. If you have added a phone number as a backup option you will have to send a text message with a verification code to proceed.
By selecting the Send code to ****** option you will receive a message (please wait a few minutes, some carriers take a while) on your mobile phone with a code.
Enter the code you received and press Submit to disable two-step verification. If you don’t receive the message, click on the link below the form field to re-send the text message.
This action will disable two-factor authentication and you can log into your account with just your username and password.
In the event of loss of access to your mobile phone number, send an email with an explanation of the case to compliance@siteground.com so we can assist you.