What is a Two-Factor Authentication (2FA)?
Two-factor authentication (2FA) is a security measure that adds additional protection to your Marketplace account by ensuring that the person trying to access the account is you. This process requests users to provide a second authentication factor to log in, such as a code received by SMS or an authenticator application, rather than simply a username and password.
2FA is required for all transactions on the Marketplace - purchasing, selling, and withdrawing funds.
Why is 2FA Important?
Two-factor Authentication (2FA) is important to keep your account secure. Open Loot requires you to have this enabled and verified whenever you take any financial-related action on the platform, including:
- Depositing or withdrawing funds
- Purchasing an item
- Listing an item for sale
- Unwrapping an item
Changing 2FA Methods
If you still have access to your original 2FA device:
- Log into the Marketplace
- Click on your account avatar icon (usually in the top-right of the screen)
- Select "Profile"
- Click on the arrow in the Two Factor Authentication (2FA) Setup section.
- In the Phone verification section select the trash can to delete the current phone number.
ATTENTION: It is important to have this cellular device so that a code can be sent via SMS after clicking GET CODE. Once the SMS code is entered, the phone number will be deleted as authentication and another one can be added.
6. Done, you can now set up your new 2FA method by accessing your account Profile again and clicking on the Two-Factor Authentication (2FA) status box.
If you have access to your alternative 2FA device or recovery codes:
- Log into the Marketplace
- When you get prompted to input your 2fa code, choose an alterative method:
- After filling the proper method you to your "Profile":
- lick on the arrow in the Two Factor Authentication (2FA) Setup section.
- In the Phone verification/Authenticator section select the trash can to delete the current phone number/Authenticator validation.
- Alternatively, if you want to generate new recovery codes click on "Generate New recovery Codes".
- After adding your first 2FA method, you will be given ten (10) recovery codes. You may write this down or download these codes as they will not be displayed to you again. A code can be used at any time to validate your session if you cannot verify via phone or app. Once a code is used, it cannot be used again. If you want to generate new codes, just go to the “Two-factor Authentication Setup (2FA)” page and click on “Get New Codes”, and you will be given ten fresh new codes. Any previous codes that you were given will no longer be usable. Read more about recovery codes here.
Identity Verification for 2FA Reset (only for eligible):
For users with a valid, long-standing KYC, there is an option to request a 2FA reset through identity verification.
- Navigate to your profile on OpenLoot and click on the Two Factor Authentication section.
- Below the 2FA options, if you are eligible, you will see a link that states: "Click here to reset your 2fa. Identity Verification will be required."
- A prompt will appear explaining the issue. If you wish to continue, click "Continue."
- You will need to verify your identity to ensure it matches the KYC records. Failing to do so can result in account suspensions.
-
After clicking continue the process cannot be reversed.
- The recertification process will start once the KYC provider confirms the details are approved. This verification process can take up to three weeks.
Maintaining access to your 2FA methods is your responsibility. Losing all of them (inlcuding the recovery codes) can be a significant setback, and it may lead to an extended account recovery process or even totaly loosing acces to said account.
If you lost access to your 2FA device and have no access to any other 2fa method, the only option is to contact customer support at the moment to see if a recovery is possible. To ensure account security, the recovery process is managed by multiple teams and likely requires several iterations to collect extra information from you. We will review the case and notify you if you are eligible for the manual 2FA reset.
Please note:
The recovery process is a meticulous and time-intensive procedure. It involves collecting extra information from you. Due to its nature, this process can take time—often several weeks (4) or more—to complete.
Comments
0 comments
Please sign in to leave a comment.