Two-Factor Authentication

Text Message/Email vs Authenticator app - which one is better?

Two-Factor Authentication helps secure your account, however, there are still some considerations you must take when choosing the method to generate your Two-Factor login code.

Authenticator App (Most Secure)

Using an authenticator app to generate your Two-Factor login codes is more secure than text messages.  The primary reason is, it's more difficult for a hacker to gain physical access to your phone and generate a code without you knowing about it.

Keep in mind, the phone or device you have the authenticator app installed on should be protected with a secure password.

Email (Moderate Security)

Using email to receive your Two-Factor login codes offers a moderate level of security. While email can be a convenient option, it may be less secure than using an authenticator app because email accounts can be susceptible to unauthorized access, particularly if they don’t have their own Two-Factor Authentication enabled.

To improve security when using email for Two-Factor codes, ensure your email account is protected with a strong password and enable Two-Factor Authentication for your email provider if possible. This adds an extra layer of protection and makes it more difficult for hackers to access your account.

Text Message (Less Secure)

Using text messages to retrieve your login code is less secure than using an Authenticator app.

The primary reason why it's less secure is that it's easier for a hacker to gain access to your text messages than it is to gain physical access to your phone.  There are methods for hackers to redirect your text messages, or hack into your phone carrier and access the text messages.  With an authentication app, the codes are generated and stored temporarily on your phone (or other device) and expire within a certain timeframe.

Note: Using text message Two-Factor is still better than no Two-Factor, however, keep in mind that it's not 100% secure.

Additional Notes on Security

There are some additional measures you can take to ensure the security of your GoCo account:

  • Never share your login or password with anyone (GoCo will never ask you for your password).
  • Make sure your authentication app is installed on a secured device that only you have access to.
  • Update your password with a strong password frequently.
  • Don't use the same password on GoCo that you use for other services.
  • Always be skeptical of emails, phone calls, and text messages that ask you to share your login, password, or your personal information that could be used to access your account.

If you have further questions, please contact us at help@goco.io. 💚

 

Last updated 10.31.24