Reminder: unable to reset two-factor authentication codes
Posted: Sun Apr 22, 2018 9:54 am
I wanted to post a friendly reminder here that our policy is that we do not reset two-factor authentication keys for any reason. To avoid losing access to your account, you MUST back up your keys. We recommend using Authy because it provides an automatic backup feature. A backup password is requested upon first start, and then as long as you retain the same phone number, you can obtain the keys by entering your backup password.
Some customers have used Google Authenticator for storing two-factor authentication keys. We are not aware of Google Authenticator having any feature to make backups of keys, nor do we know of a way to obtain the keys, rather than just the current code, from Google Authenticator once it is scanned. If you choose to use Google authenticator, it is your responsibility to print an image of the QR code and store it offline.
The only way that we could reset two-factor authentication keys is by identity verification. Unlike exchanges, we don't collect identity documents. Our policy is that tax documents are not used for any other purpose than is legally necessary, and besides that, we do not have the private key to decrypt 1099-MISC and W8-BEN data onsite. Customers depend on this policy of no resets for their own security, so while the policy may be disappointing to some, we hope that you can understand the reasoning behind it.
Some customers have used Google Authenticator for storing two-factor authentication keys. We are not aware of Google Authenticator having any feature to make backups of keys, nor do we know of a way to obtain the keys, rather than just the current code, from Google Authenticator once it is scanned. If you choose to use Google authenticator, it is your responsibility to print an image of the QR code and store it offline.
The only way that we could reset two-factor authentication keys is by identity verification. Unlike exchanges, we don't collect identity documents. Our policy is that tax documents are not used for any other purpose than is legally necessary, and besides that, we do not have the private key to decrypt 1099-MISC and W8-BEN data onsite. Customers depend on this policy of no resets for their own security, so while the policy may be disappointing to some, we hope that you can understand the reasoning behind it.