Here at SSD Nodes, we can’t recommend enough that our customers turn on two-factor authentication (2FA) as soon as they create their account and launch their first virtual private server (VPS).
2FA is a reliable method of increasing the security of your account by enforcing two methods of authentication when you log in. For the most part, this second method is your phone.
Even if you’ve had servers with us for years, and still haven’t enabled it, there’s still time.
Let’s take a quick walk through the process of enabling 2FA on your SSD Nodes account.
It's important to note that 2FA only secures the account that you use to log into your dashboard, not your servers themselves. For more information on using a similar technology (SSH keys) on your VPS, check out our other tutorial: Setting Up and Securing SSH-Based Authentication.
Enabling 2FA on your SSD Nodes account
First, log into the client area . Hopefully, this interface is familiar to you—it’s where you can administer your VPS, order a new server, and more.
Click on the dropdown menu that says
"Hello, YOUR-NAME!" and then click on
The 2FA settings page will open immediately. To start the activation process, click on the
Click here to Enable button.
You’ll see a short description about what 2FA does and how you will use it. Click the
Get Started button to continue.
With SSD Nodes, you’ll use an application on your smartphone to generate a security code. You’ll use this code to authenticate yourself when you log in.
To enable the SSD Nodes 2FA process on your smartphone, each of these applications allow you to take a picture of the QR code that appears on your screen. Or, you can copy the secret key that appears above the QR code.
|Secret key and QR code redacted for security!|
Confirm button to move forward.
You’ll be asked to verify that you’ve configured your 2FA app correctly by entering a code now. We’ll only activate 2FA once we know that your application works. Once you enter a verified code your account will be secured with 2FA!
In the case of lost or stolen phones
Between accidents, thefts, and unexpected factory resets, we understand that there are times where 2FA isn’t available to you. This is why we provide a one-time use backup code to help you access your account if you can no longer use the 2FA app. Write this code down on paper and keep it somewhere safe.
|Backup code redacted!|
We also recommend using a 2FA app that enables some kind of synchronization or backup. Both Authenticator Plus and Authy offer these features—if your phone is stolen, you will be able to access your 2FA codes on a new device or via the web.