Oct. 20

How to Setup 2-Step authentication ? (Google Authenticator)


Account Security Tips 

At UnlockBase we take the security of our customers very seriously since very long time. We try our best to make our website as secure as possible being PCI Compliant & McAffee Secure as well as using the best SSL Certificate. On top of all that all customer passwords are encrypted (Even our own team can’t see your password, only customers can generate a new password using the password recovery process). So far we have a 100% password safety record, even during the notorious “Heartbleed” event of April 2014 no passwords were leaked.

Your credits are always safe with us. Still the main fight for us is about the security on YOUR SIDE essentially because of numerous potential attempts of “Password Phishing“.

What is Password Phishing ? 

It’s when somebody tries to steal your password on your computer using Virus, Key-logger, Fake Website, Email, etc…. There are plenty of methods and the way you protect your own password on your own hardware is obviously beyond our control. So the best is to know about the risk and be careful, there is actually a great post on Wikipedia about phishing scheme, please check it using this link.

So first keep in mind UnlockBase will never ask for your password. And then, always be careful if you receive an email with a “too good to be true” offer, or software to download (we never send Software by email). When this happens don’t forget to check before you click any link in an email that the URL in your browser strictly shows the http://www.unlockbase.com domain.

But how do we deal with that ?

However if somebody does manage to steal your password, you’re still in good hand with us as we record all suspicious activities using API Key Check, or if we notice somebody trying to log into your account from an unusual IP Address or from a different country. We can’t give all details, but be sure we constantly monitor all activity. And since the beginning (2004) in case of doubt we just send a Unique Code by SMS to the Cell Phone Number you provided to us when you register on our server. If you can’t provide the unique code you receive then you just can’t log in your account.

But that’s not all, as we always listen to our customers, we noticed that many customers complaint about getting locked out of their accounts while travelling because they just don’t use the same Cell Phone Number while they travel… So recently we offered a new “2-Step Authentication” using “Google Authenticator” available for free on iOs (iTunes), Android (Play Store) and BlackBerry.

To understand how to it work, just take a look at this short video :

The Google Authenticator App generates a Unique PIN (6 Digits) on your Cell Phone every 30 seconds. And on the top of your Password we will request for this Unique PIN every time you try to log into your account. This way even if somebody steals your password, they just can’t go any further without your Cell Phone ! So if you’re a control freak or simply take your account security very seriously, we invite you to setup this extra layer of security directly from the “Settings”section of your UnlockBase account, in the section “Account Security” as explained in the video above.