2FA now supported on Newton

April 21, 2020
Michelle Vacarciuc
BACK

Keeping your login details secured is crucial in the world of irreversible cryptocurrency transfers.

You can now authenticate your Newton account using Authy Push Authentication, a method that is significantly more secure than SMS.

The low-down on 2FA

2FA stands for two-factor authentication and acts as a second layer of account protection. While there are a variety of 2FA methods, hardware tokens and authenticator applications like Authy rank among the most secure.

https://authy.com/

Authy Push Authentication vs. SMS — what’s the big deal?

The SMS method sends authenticator codes via text message. While SMS provides more security than a password alone, it can leave your account vulnerable to SIM swap attacks.

Authy Push Authentication generates an RSA key pair on your mobile device, and then sends the public key to Authy’s servers. When you Approve or Deny an authentication request on your phone, Authy can cryptographically verify that the response came from you and that it wasn’t modified in transit.

How Push Authentication works (image from Authy).

This is superior to the more common TOTP/HOTP 2FA method that requires you to enter a code generated by an authenticator application. TOTP/HOTP, while more secure than SMS, is still vulnerable to Man-In-The-Middle attacks — Push Authentication largely eliminates this vulnerability using public key cryptography.

How to change from SMS to Authy 2FA in Newton

  1. Download the Authy app on iPhone or Android.
  2. Login to your Newton account and navigate to the menu and select 2FA method.
  3. Select Authy on the slider. The next time you log into your Newton account, your 2FA method will be Authy.

Click the slider to change your 2FA method to Authy.

How to use Authy Push Authentication with notifications turned on

  1. Make sure push notifications are enabled for the Authy app.
  2. Change your 2FA method on Newton from SMS to Authy.
  3. Login to your Newton account.
  4. You should receive a push notification from Authy prompting you to authenticate your login request. Tap on the notification.
  5. Tap on the Approve button. You’ll then be redirected to your Newton dashboard.

Tapping the notification will prompt you to approve a login request.

How to use Authy Push Authentication with notifications turned off

  1. Change your 2FA method on Newton from SMS to Authy.
  2. Login to your Newton account.
  3. In the Authy app, navigate to the red bell icon.
  4. Navigate to the Pending tab.
  5. Tap on the notification pertaining to Newton 2FA and tap Approve. You’ll then be redirected to your Newton dashboard.


Want to help us shape the products we build? We're always looking for valuable insight and feedback from our users. If you have features you'd like to see or are interested in joining our user research group, email support@newton.co

join our research group