Subscribe to receive notifications of new posts:

Two-factor Authentication Now Available

11/28/2012

3 min read

With web performance and security being the core of CloudFlare, we are always looking for ways to improve not just our customers' website security, but their account security as well. Therefore, we are excited to now offer two-factor authentication for all CloudFlare accounts.

With two-factor authentication, our customers' accounts get an added layer of login security, ultimately adding another layer of security to their websites. We've been working on this feature for a while, and we are happy to announce that it's ready and available to all CloudFlare customers.

To make this feature happen, we worked with Authy, a startup who loves security too. Authy provides an easy-to-use, powerful two-factor authentication service. Their mission is to turn everyone's cell phone into a secure token. The Authy app works with iOS and Android devices and we're providing it free to all CloudFlare account holders. Here's how it works.

Easy additional account security

To turn two-factor authentication on, you simply log into your CloudFlare account, navigate to "My account" and select "two-factor authentication with Authy."

Two-factor Authentication Now Available

Once there, you will enter your mobile phone information and select "enable two-factor authentication."

You will then receive a text message (your provider's standard text messaging rates will apply). The text message includes a link to download the Authy app. The Authy app will ask you to enter your your mobile phone number. It will then text you a setup pin that you need to enter into the Authy app.

Two-factor Authentication Now
AvailableTwo-factor
Authentication Now
Available

Once you receive your pin number via text, enter it into the Authy app. The Authy app will then be authorized and able to generate authentication tokens unique to your account. In the future, whenever you access your CloudFlare account you'll need three things: 1) your email address, 2) your password, and 3) your two-factor authentication token.

When you login to CloudFlare for the first time after enabling two-factor authentication, you will need to launch the Authy app on your phone. It will generate a unique, 7-digit authentication token. The authentication token is good for 30 seconds and then will change to a new token.

Two-factor Authentication Now Available

You can store your authentication for 14 days. If you login from an unrecognized device, or after your authentication expires, you'll need to open the Authy app and get your new authentication token for that device. The Authy app does not rely on you having network access, so you can retrieve your code even if your phone is not connected to the Internet.

If you ever lose your phone or get a new one you can reassociate your account by following the reset instructions on Authy's website.

You don't need to enable two-factor authentication in order to continue to use CloudFlare. However, we're providing it to all CloudFlare customers free and we recommend it for everyone who wants additional account security.

We protect entire corporate networks, help customers build Internet-scale applications efficiently, accelerate any website or Internet application, ward off DDoS attacks, keep hackers at bay, and can help you on your journey to Zero Trust.

Visit 1.1.1.1 from any device to get started with our free app that makes your Internet faster and safer.

To learn more about our mission to help build a better Internet, start here. If you're looking for a new career direction, check out our open positions.
AuthySecurity

Follow on X

Cloudflare|@cloudflare

Related posts

March 08, 2024 2:05 PM

Log Explorer: monitor security events without third-party storage

With the combined power of Security Analytics + Log Explorer, security teams can analyze, investigate, and monitor for security attacks natively within Cloudflare, reducing time to resolution and overall cost of ownership for customers by eliminating the need to forward logs to third-party SIEMs...

March 08, 2024 2:00 PM

Introducing Requests for Information (RFIs) and Priority Intelligence Requirements (PIRs) for threat intelligence teams

Our Security Center now houses Requests for Information (RFIs) and Priority Intelligence Requirements (PIRs). These features are available via API as well and Cloudforce One customers can start leveraging them today for enhanced security analysis...