Why you should use the MFA option for your BitOasis account?

When you create your BitOasis account, we ensure you follow the best security practices to protect your data, funds, and privacy. But this mission cannot be accomplished without your help. One way to protect your account is by sending you an SMS or giving you a call to provide you with an authentication code to make sure that it’s you signing in, not someone who managed to get your password.

But is the SMS/call authentication option enough? Compared to not having a multi-factor authentication (MFA), and relying solely on your password to protect your account, sure! It is. But if you want to be extra cautious and protect yourself from the hundreds of malicious attacks happening every day, it’s highly recommended to use an authentication app.

What are authentication apps?

Authentication apps do almost the same job SMS codes do, but instead, you add the account you’d like to protect with the app and get the authentication code through the app, which is valid for a very short period, one minute most of the time.

This way no matter what device or location your account is being opened from, you must approve the sign-in from your phone. 

The most famous and common authentication apps are Google Authenticator and Microsoft Authenticator, but hundreds of other alternatives are available, including some password management apps like LastPass.

Are authentication apps safer than SMS codes?

Most experts agree that they are, and there are many reasons for this.

First things first, SMS and regular calls are relatively old technologies that don’t utilize any kind of encryption. Instead, they’re transmitted in clear text, making them easier to intercept. And also the SMS/call codes need cellular network coverage, unlike the account you’re signing in to, which only needs an internet connection that can be available through Wi-Fi, satellite, and cellular networks. 

This means you’ll still be able to sign in to your account if you are abroad or for any reason don’t have cellular coverage, as long as you are connected to the internet, not to mention that most of the major authentication apps work offline, meaning you don’t even need your phone to be connected to the internet to safeguard your account.

How to use an authentication app with BitOasis?

When you create a BitOasis account, the default authentication option is the SMS/Call code. To change that or add an MFA device follow these steps:

  1. First, install your favorite authentication app on your smartphone. 
  2. Sign in to www.bitoasis.net, adding an MFA device is not available from the app right now.
  3. Go to Dashboard and from there go to Settings.
  4. From Security, go to MFA Devices, then press Add device.
  5. You will be asked to enter a six-digit code sent to your phone number via SMS. After you have entered the code correctly, you will see a QR code and a written code. 
  6. Go to your authentication app, and add an account, where you can use any of the two codes to complete the process. You can change the device’s name to tell it apart from the other devices you might add later.
  7. Enter the six-digit code showing on your authentication app before it expires, and press Authorize Device.

If you remove all the MFA devices, you’ll go back automatically to using SMS confirmation. And if you lose access to your MFA device and can’t log in to your account, please contact our customer service team.