Runscope API Monitoring    Learn More →

Keep Your Account Safe: Two-Factor Authentication with Google Authenticator

By Heitor Tashiro Sergent on .

Security is a top priority for us at Runscope. It's important for us to make sure that your data is always safe, and to also empower you with any tools that we can to allow you to protect your companies' data.

We added support for two-factor authentication back in July of 2015. Users could enable 2FA in their accounts via SMS, or by using the Authy app. But, we understand that sometimes users can have different apps that handle 2FA, such as Google Authenticator and other TOTP compliant apps that require a QR code.

So, last week we've added support for Google Authenticator and other apps as two-factor authentication options for Runscope users!

 A GIF showing a logged in view of a user's Runscope account, under the www.runscope.com/profile page. It shows the two-factor authentication section of the page being enabled, a phone number being entered, and an authentication code being entered as well to finish the process. Finally, it shows the new QR Code section that appears after the user successfully enables 2FA, the "Generate QR Code" being clicked, and a QR Code showing up.

To enable 2FA for your Runscope account, follow these steps:

  • Go to your profile page and scroll down to the Two-Factor Authentication section
  • Enter your phone number and click "Verify Phone Number"
  • If your phone number is tied to an Authy account, you'll get a push notification from Authy with an access code
  • Otherwise, you'll get an SMS with an access code. Enter that code under Authentication Code and click "Save Changes"
  • Next, you'll see a section named QR code show up under "Verify Phone Number". Click on the link "Click here to generate"
  • Wait for the QR code to be generated, then scan it with your 2FA app
  • You're all set!

We still recommend using Authy for a few reasons (mobile and desktop apps, push notifications, easier account recovery), but we also understand that users can have their own preferences, and juggling multiple apps for different services can be a hassle.

No matter which way you decide to enable two-factor authentication, we recommend enabling it for your entire team to ensure that you have another security layer for your data and your APIs.

Categories: announcements, howto, security, product

Everything is going to be 200 OK®