We use two-factor authentication (2FA) to secure your account using an authenticator app. Adding two-factor authentication to your account greatly improves its security in the event that your email account gets compromised by attackers.
Once your 2FA is set up, please make sure to disable cloud/email backup on your 2FA apps to maximize security (more details on this below).
How does it work?
The first time you withdraw Bitcoin to a wallet or send a wire transfer to Swan, you’ll be prompted to set up your 2FA. If possible, please log in to your Swan account on a desktop or laptop computer so that your phone is available. You can also access the 2FA page directly here.
Use your phone to navigate to an app store. On Android devices, it’s the “Google Play Store”, and on iPhones, it’s called the “App store”. Please download “Google Authenticator (Android Download, Apple Download)” as we find it’s the easiest to use. Once the app is downloaded to your phone click, “Yes I have an Authenticator app” on your logged-in Swan account screen shown below:
Once you click, "Yes I have an authenticator app" Swan will text your phone number a 6 digit code. This is to verify that you are using the phone registered to your account. Once you have entered that code, a QR code will be displayed.
Open the Google Authenticator app on your phone. The app will ask you to log into your Google account. We recommend that you do not sync your authenticator app with your email. The reason being, if your email is ever compromised, attackers could get access to your 2FA codes. You can bypass this connection by selecting "use without an account."
Once you are in the app tap the + button in the lower bottom right corner, then tap “Scan a QR code”. Hold your phone's camera up so that it can scan the QR code shown on your computer screen, you may need to give your app permission to access your camera. Your Authenticator app will register this unique QR code and continuously generate new 6-digit codes every 30 seconds. Confirm on the Swan website you have completed this step by entering the current code from your phone. If the code changes before you enter it into the computer it will not work.
This process can also be completed on mobile only. If that is the case, you'll just have to copy-paste the verification code from the Swan site into your Google Authenticator manually. Click "Enter a setup key", instead of "Scan a QR code" on the Authenticator app after hitting +.
Once you have 2FA set up on your account, Swan will ask you for your 2FA code when you:
- add a new wallet.
- login to your Swan account.
If you lose or change phones without transferring your 2FA codes, you can follow the instructions here to reset it.
If you have an account that requires multiple parties to access it
Some people avoid adding a two-factor login because they share an account with a spouse or others in their company. This is a dangerous practice that can easily be avoided by setting up a shared 2fa account. One way to do this is to have you and the other parties involved scan the QR code at the same time while setting up. Alternatively, you can use 1Password's 2FA sharing feature to share access with multiple parties.