Two-Factor Authentication (2FA) Reset

What is a Two-Factor Authentication (2FA)?

Two-Factor Authentication (2FA) is a security measure that adds additional protection to your Marketplace account by ensuring that the person trying to access the account is you. This process requests users to provide a second authentication factor to log in, such as a code received by SMS or an authenticator application, rather than simply a username and password.

2FA is required for all transactions on the Marketplace - purchasing, selling, and withdrawing funds.

Why is 2FA Important?

Two-factor Authentication (2FA) is important to keep your account secure. Open Loot requires you to have this enabled and verified whenever you take any financial-related action on the platform, including:

• Depositing or withdrawing funds
• Purchasing an item
• Listing an item for sale
• Unwrapping an item 

Changing 2FA Methods 

If you still have access to your original 2FA device:

1. Log into the Marketplace
2. Click on your account avatar icon (usually in the top-right of the screen)
3. Select "Profile"
   
4. Click on the arrow in the Two Factor Authentication (2FA) Setup section.
5. In the Phone verification section select the trash can to delete the current phone number.

ATTENTION: It is important to have this cellular device so that a code can be sent via SMS after clicking GET CODE. Once the SMS code is entered, the phone number will be deleted as authentication and another one can be added.

   6. Done, you can now set up your new 2FA method by accessing your account Profile again and clicking on the Two-Factor Authentication (2FA) status box.

If you have access to your alternative 2FA device or recovery codes:

1. Log into the Marketplace
2. When you get prompted to input your 2fa code, choose an alterative method:
   
3. After filling the proper method you to your "Profile":
   
   
4. lick on the arrow in the Two Factor Authentication (2FA) Setup section.
5. In the Phone verification/Authenticator section select the trash can to delete the current phone number/Authenticator validation.
6. Alternatively if you want to generate new recovery codes click on "Generate New recovery Codes".
   
   
7. After adding your first 2FA method, you will be given ten (10) recovery codes. You may write this down or download these codes as they will not be displayed to you again. A code can be used at any time to validate your session if you cannot verify via phone or app. Once a code is used, it cannot be used again. If you want to generate new codes, just go to the “Two-factor Authentication Setup (2FA)” page and click on “Get New Codes”, and you will be given ten fresh new codes. Any previous codes that you were given will no longer be usable. Read more about recovery codes here.

If you do not have access to any 2FA or recovery codes:

If you lost access to your 2FA device and have no access to any other 2fa method, the only option is to contact customer support at the moment to see if a recovery is possible. To ensure account security, the recovery process is managed by multiple teams and likely requires several iterations to collect extra information from you. We will review the case and notify you if you are eligible for the manual 2FA reset.

Please note: Due to the manual nature of this process, this recovery path may take some time (often several weeks or more) to complete.