We have released the capability to do Multi-Factor Authentication (MFA, or sometimes called 2-Step Verification) on RunSignUp. This is optional for all users (required for RunSignUp employees).
MFA is currently gaining popularity as an additional layer of security. The basic idea is that in addition to your password, you use another device (typically your phone with an app) with a separate code that is regenerated every 30 seconds to verify your identity. There are good articles on NIST, Wikipedia and Google that explain it in more depth.
Our MFA implementation requires the use of a MFA app. Some MFA systems will do txt messaging, but we do not because of cost considerations to keep our pricing low. You will want one of the ones we support (although others may work):
You can set this up from your Profile page:
The setup page will look like this (NOTE: DO NOT USE THE QR CODE BELOW):
Once you download one of the apps, you can simply aim your phone’s camera at the barcode you see on YOUR screen (not the example above, which is not a working code). You should then see the app give you a 6 digit number that you will enter where it says “Token” to the right of the barcode. That’s it!
Then whenever you login to RunSignUp, you will see a new field to enter the token. Just go back to your app and get the new code and enter it:
If you lose your token, or perhaps get a new phone and forget to sync your MFA QR Code, you can click on “Reset MFA”, and we will email you instructions to your email.