Use the HelloID security overview page to:
- Review recent account login activity.
- Add or remove your secondary authentication factors.
To get started, go to the account menu in the top-right screen corner and select Security.
Recent login activity
Lists the last three logins to your account, including:
- How long ago the login happened
- The geographic location
- The originating IP address
- The browser used
- The second factor used
If you see activity you don't recognize, then contact your IT department. Your account may be compromised.
HelloID supports multifactor authentication (MFA), an account security process requiring two or more steps to log in. A factor is something which verifies your identity, usually in addition to your username and password. Thus, adding a second factor protects your account in the event your password is compromised.
The most common type of factor is a 6-digit code sent by email or text, or generated with a mobile app. Many websites refer to MFA as 2FA, or two-factor authentication.
Add or remove factors here, if your IT administrator has enabled MFA.
HelloID supports four factor types:
An authentication code via email.
A software-based 2FA authenticator app, such as HelloID Authenticator, Google Authenticator, or Microsoft Authenticator.
- Classic Hardware Token
A hardware-based OATH TOTP token. Provides one-time numerical codes, usually via an LCD screen.
- Security key
A hardware-based FIDO/U2F or FIDO2/WebAuthn security key, such as a YubiKey or Titan Security Key. Connects to your device via USB, Bluetooth, NFC, or other protocol to perform a cryptographic exchange.
Add a second factor
Select Add on your desired factor type, and follow the instructions below.
- Enter and confirm your email address. Select Send code.
- Check your email for your 6-digit code.
- Enter your 6-digit code on the following screen:
- Your email address is now enrolled as a second factor.
Download and install a mobile 2FA app, if you don't already have one. Recommended 2FA apps include:
- HelloID Authenticator
- Google Authenticator
- Microsoft Authenticator
The benefit of using the official HelloID Authenticator is push authentication. Instead of manually typing in a 6-digit code, you simply tap a button. Learn how to log in with push authentication. Third party authenticator apps such as Google and Microsoft Authenticator do not support push authentication with HelloID.
The following example uses HelloID Authenticator, but all 2FA apps share a similar process.
- After selecting Add on the HelloID security overview page, A QR code appears.
- In the HelloID Authenticator app, select the plus sign. In other 2FA apps, this option may be called "scan barcode" or "scan QR code."
- Scan the barcode as instructed.
- Now, the HelloID Authenticator app displays a 6-digit code for your account.
- Enter this code on the HelloID security overview page to confirm enrollment.
- Your HelloID Authenticator app is now enrolled as a second factor.
Classic Hardware Token
Contact your IT department to add an OATH TOTP classic hardware token. End users aren't allowed to manually add a classic hardware token.
- After selecting Add on the HelloID security overview page, your device's operating system prompts you to connect and configure your security key. This process differs by operating system and security key type. Consult outside documentation if needed.
- Your security key is now enrolled as a second factor.
Note that if you add multiple factors, you only need to verify one of your choice when logging in.
Remove a second factor
Select Remove, and then select the Remove factor button.