/
How do I use two-factor authentication (2FA) with authenticator apps or hard tokens?

How do I use two-factor authentication (2FA) with authenticator apps or hard tokens?

Two-factor authentication (2FA) adds an extra layer of security to your Sunwave account. It requires both your password and a second factor (such as a code from an authenticator app or a physical security token). This greatly reduces the risk of unauthorized access.

What is 2FA?

2FA requires two types of factors to confirm your identity:

  • Knowledge factor: Something you know, such as your password.

  • Possession factor: Something you have, such as an authenticator app on your smartphone or a hard token like a YubiKey.

At Sunwave, you must complete 2FA each time you log in.

Use an authenticator app

Authenticator apps generate temporary, one-time codes on your smartphone that you enter in addition to your password.

Recommended apps

Sunwave recommends Google Authenticator, but other authenticator apps may also be used.

How to set up an authenticator app

  1. Enable 2FA in your Sunwave account settings.

  2. Open your authenticator app and scan the QR code provided by Sunwave.

  3. The app will generate a 6-digit code linked to your account.

How it works during login

  1. Enter your username and password in Sunwave.

  2. Open your authenticator app and retrieve the current 6-digit code.

  3. Enter the code into the 2FA prompt.

  4. If the code matches, access is granted.

Codes typically expire every 30 seconds, which helps prevent unauthorized reuse.

Use a hard token (YubiKey 5C NFC)

A hard token is a physical device used for authentication. Sunwave supports devices such as the YubiKey 5C NFC, which connects via USB-C or NFC.

These devices typically generate one-time passwords (OTPs) or dynamic codes that are required in addition to your password. Because the token must be physically present, it greatly reduces the risk of unauthorized access even if your password is compromised.

Benefits of using a hard token

  • Physical security: Access requires possession of the token.

  • Enhanced protection: Even if your password is stolen, the token must also be used.

  • Reliability: Works across multiple systems with no reliance on SMS or email.

How to set up a YubiKey

  1. Register your YubiKey in Sunwave account settings.

  2. Follow the prompts to link the device.

  3. At login, connect your YubiKey and provide the requested code or touch confirmation.

For detailed instructions, see:

Why Sunwave requires 2FA

By requiring both something you know (password) and something you have (authenticator app or token), Sunwave protects accounts against threats like phishing and password breaches.