FAQ: Two-Step Verification for RIPE NCC Access
- What is two-step verification?
Two-step verification is an optional but highly recommended security feature that adds an extra layer of protection to your RIPE NCC Access account. Once enabled, you will be required to enter a six-digit security code in addition to your password whenever you sign in.
The six-digit security code is generated by an authenticator application, which generates Time-based One-Time Passwords (TOTP). Any app that supports TOTP should work.
- How do I enable two-step verification?
Log into your RIPE NCC Access account and click the "Enable Two-Step Verification" button on the profile page. A wizard will guide you through the steps of enabling the functionality. When setting up the authenticator app, you can either scan a QR-code, or enter the secret key manually. When manually setting up the account, make sure you choose a Time-Based configuration.
- Which authenticator apps can I use?
Any application that supports Time-based One-Time Passwords (TOTP) can be used for two-step verification. Here are some apps you could install:
- Google Authenticator (Android, iOS, BlackBerry)
- FreeOTP (Android)
- HDE OTP Generator (iOS)
- DUO Mobile (Android, iOS)
- After entering my username and password I'm asked for a security code. Now what?
After entering your user name and password, you'll be asked to "enter the security code generated by your authenticator app". In most cases, just launching the application will generate a new code. You should refer to your application's documentation for specific instructions. You should enter this code to gain access to your account.
In most cases, a new code is generated every 30 seconds after which the previous one expires, so you should make sure you enter the code immediately. If you cannot gain access to your account after repeated attempts, please use the emergency backup code.
- What if I can't generate a security code?
During the two-step verification set up process, you will receive a 16-digit backup security code. It is very important that you write the code down and keep it safe.
If you ever accidentally delete the authenticator app, have an empty phone battery, lose your phone, or some other reason why you cannot cannot generate a security code, you will need this backup security code to sign into your RIPE NCC Access account.
When signing in, you will be asked to enter your 6-digit security code. If you cannot generate it, click the link "Can't use your authenticator app?" and follow the instructions to enter your 16-digit backup security code. If you are locked out of your account and you do not have the backup security code, please contact us.
- What if I don't have or want to use a smartphone?
A smartphone with an authenticator app makes it very easy to use two-step verification, but in principle you can use any application that is capable of generating Time-based One-Time Passwords. For example, the OATH Toolkit allows you to generate security codes from the command line. The man page will give you details on how to use the application.
- Can I disable two-step verification after enabling it?
Yes. Two-step verification is an optional but recommended security feature. You can disable the functionality on the Profile page of your RIPE NCC Access account by clicking the button "Disable two-step verification".