On June 22, 2020, Arduino announced a new initiative to improve security: a two-factor authentication (2FA) for Arduino web services.
Multi-factor authentication has become a growing practice across the web to reduce internet crime. Its proponents claim it can lead to significant reductions in online identity theft and other forms of fraud, as users now have to provide something more than just a password to access their accounts.
With 2FA enabled on Arduino, users get an additional security layer to their account so they can have better protection of any devices connected to the Arduino IoT cloud.
Users are encouraged to enable 2FA and go through the two-step verification process to login to arduino.cc in order to enhance online safety across the Arduino community.
How to Enable Two-Factor Authentication on Arduino
In order to enable 2FA, you’ll need to choose and use an authenticator app, such as Authy, Google Authenticator, Microsoft Authenticator, or LostPass, etc.
Here’s your step-by-step guide for setting up 2FA:
-
Navigate to the id.arduino.cc page, go into your account profile, and click on “Activate” where you see “2-Step Verification” under Security.
You’ll be notified that every time you sign in to Arduino, you’ll need both your password and an authentication code. This helps prevent someone who obtains your password from logging in to your account.
-
Scan the QR code with your authenticator app.
-
You should now see a 6-digit code in your authenticator app that will change every 30 seconds.
You’ll want to enter the code you see on your app into the text field and hit “Verify.”
-
**Save your recovery code in a safe place**
It’s important that you don’t lose your recovery code. If you happen to lose your 2FA codes by losing or breaking your phone and the necessary app, you’ll still be able to access your account with the recovery code. However, if you lose both the 2FA and the recovery codes, you will lose access to your account.
Note: the recovery code is intended to be used only once – if you use it, you will be provided with a new one for future use.
-
2FA should now be activated for your account!
Don’t forget to keep your device handy when you want to login to your Arduino.