Skip to main content

Two-Factor Authentication (MFA) - Extra Security for Your Account!

Protect your account with two-factor authentication! Simple setup, maximum security.

What Is MFA (Multi-Factor Authentication)?

What Does MFA Mean?

MFA (Multi-Factor Authentication) is an extra security layer that:

  • 🔒 Provides double protection for your account
  • 📱 Uses a phone app for code generation
  • ⏱️ Time-based codes - Change every 30 seconds
  • 🔑 Backup codes - Emergency access

How Does It Work?

  • Log in with email + password combination
  • The system asks for a 6-digit code
  • The app on your phone generates a code
  • Enter the code, and you're done! ✅

💡 Why is it secure? Even if someone gets your password, they can't log in without your phone!

Supported Authenticator Applications

ApplicationPlatformRecommended
🔵 Google AuthenticatorAndroid, iOS⭐⭐⭐⭐⭐
🔷 Microsoft AuthenticatorAndroid, iOS⭐⭐⭐⭐⭐
🟠 AuthyAndroid, iOS, Desktop⭐⭐⭐⭐
🔑 1PasswordAll platforms⭐⭐⭐⭐
🔓 BitwardenAll platforms⭐⭐⭐⭐

💡 Recommendation: Google Authenticator or Microsoft Authenticator - simple and reliable!

Setting Up MFA - Step by Step

Starting MFA Activation

Steps

  • Log in to your account
  • Go to Settings menu
  • Find the "MFA / Two-Factor Authentication" section
  • Click the "Enable MFA" button

Scanning the QR Code

What You See on Screen

  • 📱 QR code - For scanning
  • 🔑 Secret key - For manual setup
  • 🎫 Backup codes - 10 pieces (XXXX-XXXX format)

What to Do?

  • Open the authenticator app on your phone
  • Select "Add Account" option
  • Scan the QR code with your phone
  • OR enter the secret key manually

💡 QR code scanning: The simplest method! The phone camera sets it up instantly.

Saving Backup Codes

What Do Backup Codes Do?

  • 🆘 Emergency access - If you don't have your phone
  • 🔢 10 codes - Each usable once
  • 💾 Save them - To a secure place!

Example backup codes:

  • A1B2-C3D4
  • E5F6-G7H8
  • I9J0-K1L2
  • M3N4-O5P6
  • Q7R8-S9T0

Where to Save?

  • 📝 Write on paper and put in a safe place
  • 💾 Save in password manager
  • 📧 Email to yourself (secure email!)
  • ☁️ Cloud storage (encrypted)

⚠️ Important: Without these, you can't log in if you don't have your phone!

Verification and Activation

Final Step

  • The authenticator app generates a 6-digit code
  • Enter the code on the indo.rent site
  • Click the "Activate" button
  • Done! MFA is now active ✅

💡 Tip: The code is valid for 30 seconds. If it expires, wait for a new one!

Logging In with MFA

How to Log In?

Normal Login

  • Enter your email address
  • Enter your password
  • Click the "Login" button

Entering MFA Code

  • A new window appears
  • Open the authenticator app
  • Look at the 6-digit code
  • Enter the code
  • Click the "Verify" button

Successful Login!

  • ✅ You're logged in
  • 🔒 Extra secure

What If You Don't Have Your Phone?

Using Backup Code

  • In the MFA window, click the "Use backup code" link
  • Enter one of your backup codes
  • Click the "Verify" button
  • ✅ You're logged in!

⚠️ Warning: Each backup code is usable only once! If they run out, generate new ones.

Managing Backup Codes

Generating New Backup Codes

When to Generate New Ones?

  • 📉 If backup codes run out
  • 🔒 If you want new codes for security reasons
  • 💾 If you lost the old codes

How to Generate New Ones?

  • Log in with MFA
  • Go to Settings
  • Click the "Generate new backup codes" button
  • Enter the MFA code for verification
  • Save the new codes!

⚠️ Warning: New generation deletes all old backup codes!

How Many Backup Codes Remain?

You can see on the Settings page

  • 🔢 Number of backup codes: X/10
  • 📊 Status: Sufficient / Few / Running Out

💡 Recommendation: If 3 or fewer codes remain, generate new ones!

Disabling MFA

How to Disable?

Steps:

  • Log in to your account
  • Go to Settings
  • Find the MFA section
  • Click the "Disable MFA" button
  • Enter the MFA code or backup code for verification
  • Confirmation - Click "Yes, disable it"

⚠️ Warning: After disabling, all MFA data is deleted:

  • 🔑 Secret key
  • 🎫 Backup codes
  • 📱 Authenticator app settings

💡 Security tip: Only disable if really necessary!

Security Features

Rate Limiting - Brute Force Protection

What Does It Mean?

  • 🚫 Limited attempts - Can't try infinite codes
  • ⏱️ Wait time - Increasing wait after wrong code
  • 🔒 IP blocking - Automatic blocking of suspicious IP addresses

Audit Logging

What Do We Log?

  • 📝 MFA activation/deactivation - When and from where
  • 🔐 Login attempts - Successful and failed
  • 🎫 Backup code usage - Which code, when
  • 🔄 Backup code generation - Creating new codes

💡 Advantage: If something suspicious happens, we'll let you know!

Data Protection - GDPR Compliance

How Do We Protect Your Data?

  • 🔐 Encrypted storage - MFA secret securely
  • 🗄️ JSON format - Structured storage of backup codes
  • 📜 GDPR compliance - European data protection rules
  • 🗑️ Data deletion - Everything deleted when MFA disabled

Why Use MFA?

Security Benefits

🔒 Account Protection

  • Significantly reduces account hacking risk
  • Protected even if password is stolen
  • Double protection

✅ Compliance

  • Industry standard compliance
  • RFC 6238 TOTP standard
  • Internationally accepted

🤝 User Trust

  • Higher security level
  • Professional platform
  • Reliable service

📊 Audit Support

  • Detailed security logs
  • Traceability
  • Transparency

User Experience:

✨ Simple Use

  • Wide choice of authenticator apps
  • QR code-based setup
  • Ready in minutes

🔑 Flexible Access

  • Backup codes for emergencies
  • Multiple device support
  • Always can log in

⚡ Quick Setup

  • Active in 5 minutes
  • Step-by-step guide
  • User-friendly interface

🏆 High Reliability

  • Industry standard
  • Tested technology
  • Secure implementation

Quick Guide

Enabling MFA

  • 👤 Login
  • ⚙️ Settings menu
  • 📱 Scan QR code
  • 💾 Save backup codes
  • 🔢 Enter code
  • ✅ Activate!

Logging In with MFA

  • 📧 Email + password
  • 📱 Open app
  • 🔢 Enter 6-digit code
  • ✅ Login!

Frequently Asked Questions

What happens if I lose my phone?

Use backup codes to log in!

How many backup codes do I have?

10 pieces, each usable once.

What if backup codes run out?

Generate new ones in Settings (with MFA code).

Can I disable MFA?

Yes, but verification required (MFA code or backup code).

Which app should I use?

Google Authenticator or Microsoft Authenticator recommended.

Is MFA secure?

Yes! According to RFC 6238 standard, industry standard.

How long is a code valid?

30 seconds, then a new one is generated.

Can I use multiple devices?

Yes, scan the same QR code in multiple apps.

Summary

Security Features

  • ✅ TOTP-based authentication (RFC 6238)
  • ✅ Backup codes for emergencies
  • ✅ QR code automatic setup
  • ✅ Rate limiting brute force protection

Supported Apps

  • 📱 Google Authenticator
  • 📱 Microsoft Authenticator
  • 📱 Authy
  • 📱 1Password
  • 📱 Bitwarden

User Features

  • ✅ Simple setup
  • ✅ Flexible login
  • ✅ Backup code management
  • ✅ Enable/disable with verification

Activate MFA now and protect your account! 🔐✨

Have questions? Write to us, we'll help with setup! 💬