Toggle Menu


What is Two-Factor Authentication (2FA)?

"Two-factor authentication (also known as 2FA) is a method of confirming a user's claimed identity by utilizing a combination of two different components. Two-factor authentication is a type of multi-factor authentication.
A good example from everyday life is the withdrawing of money from a cash machine; only the correct combination of a bank card (something that the user possesses) and a PIN (personal identification number, something that the user knows) allows the transaction to be carried out." (Wikipedia)

Online, 2FA is an additional time-sensitive one time code that you input alongside your username and your password in order to login. This prevents an attacker from accessing your account in case your password is compromised as the attacker would need to also have knowledge of this changing code.

The traditional way of receiving these 2FA codes is either via SMS which is slow and insecure or via an authenticator app such as Google Authenticator. The latter is more secure than the former but is extremely inconvenient due to the fact that you are required to unlock your phone, open the authenticator app and type the 6 digit 2FA code into your browser every time you want to login.

Myki simplifies this process by holding these 2FA tokens for you and by inputting them alongside your username and password whenever you grant access to an account from your smartphone.



Which websites support 2FA and how can I enable it?

There are different procedure for enabling 2FA but it generally involves going into the settings page of the website and enabling it from there. This website (twofactorauth.org) contains a list of all services that support 2FA with a link to the setup steps. In order to add your 2FA secrets into Myki, select the authenticator app option on the website and, in the Myki app, click on the account you would like to add 2FA to —> Settings —> Setup 2FA the scan the QR code displayed on the website.



How can Myki manage my 2FA secrets, isn't it against the point of 2FA?

Myki has a unique architecture that trades cloud storage and a master password for a decentralized P2P encrypted model, which means that passwords are stored on your smartphone and backups are made to extensions you are paired to. It is because of this very architecture that Myki can securely store your 2FA secrets alongside your passwords without compromising your security. Myki conveniently auto-fills your 2FA tokens when logging in which encourages users to enable 2FA on all of their supporting accounts.



How does Myki auto-fill my 2FA tokens?

When logging into an app or website on your phone Myki will automatically fill the 2FA token when it can detect the field for it, if it can't it will display a local notification on your phone with your 2FA token.

When logging in to an account on your computer, Myki will send the 2FA token alongside the username and the password when you approve the login request sent via push notification to your smartphone.