Enabling two-step sign in on your Hover account

Two-step sign in provides an extra layer of security for your Hover account. It requires you to enter a unique six-digit authentication code sent to your phone in addition to your usual Hover username and password whenever you sign in to your account.

Important: Two-step sign in is now a mandatory feature and cannot be disabled. If you disable your app, this will be replaced with the email-based two-step sign in until you re-enable either the app. 

Two-step sign-in overview

Hover supports two-step login with the support of a mobile app. To take advantage of the app, you must have a mobile device to run one of the supported mobile authenticator apps.

If you install one of the supported authenticator apps on your mobile phone, the six-digit code is generated by the app on your phone. When you enter your username and password to sign in to your Hover account, a prompt will appear where you can enter that code.
Any popular authenticator app for your smartphone that supports a Time-based One-time Password (TOTP), like Google Authenticator or Microsoft Authenticator, will work with Hover. Most are free to download.

Back to top

SMS two-step sign in deprecation information

We're starting the process to deprecate the use of SMS as a two-factor authentication (2FA) method.
Users won't be able to choose SMS for two-step sign in and will instead only have the App method available. If you already use SMS two-step sign in, you can continue to use it for now, but if you disable it, you won't be able to re-enable SMS two-step sign in
SMS is less secure than the App method, and SMS is getting increasingly more expensive and unreliable as carriers limit sending of SMS due to abuse.

Back to top

Enabling two-step sign-in from a mobile app

  1. Sign in to your Hover control panel using your current method of two-step sign in.
  2. Click on Settings from the top navigation bar.
  3. Located on the left-hand side of the dashboard is the two-step sign in toggle. Turn this on.
  4. Click the use an app text button, then click Next step.
  5.  Scan the QR code on the Hover account screen, use the secret key, and select Next step.
  6. Retrieve the code and enter it in the designated field on the Hover Settings page, then click Enable two-step sign-in.
  7. A confirmation message appears that also provides you with a recovery code. It is essential to keep this code in a safe place. Once you have written it down, select OK, I've written it down.
    Note: This code is the only way to access your account if you cannot use your authorization source. Support cannot disable the two-step sign-in without additional verification for security reasons. 


Back to top

Disabling two-step sign-in

Uninstalling the app from your phone is not enough to disable two-step sign-in. You will need to follow these steps to disable the two-step sign-in fully. 

  1. Sign in to your Hover control panel using your current method of two-step sign in.
  2. Click on Settings from the top navigation bar.
  3. Slide the toggle to turn the Two-step sign in off.
  4. Enter your account password in the text box, then click Disable two-step sign in.

Back to top

Using your recovery code

If you can not access your authorization code, you must use the sixteen-digit recovery code given when you enabled a two-step sign-in. You can use this code to log in to your account when you cannot access the code sent via authenticator. When you use the recovery code to sign in to your Hover account, two-step sign-in is automatically disabled.

  1. Sign in to your Hover control panel.
  2. A prompt will appear to add your authentication code. Select I can't use my authenticator app, or I've lost my phone. 
    Note: The prompt depends on whether you enabled two-step sign-in via the Authenticator App.
  3. Enter the recovery code and click Continue.

Back to top

Getting a new recovery code

  1. Sign in to your Hover control panel.
  2. Click on Settings from the top navigation bar.
  3. Under Security, click on Recovery code.
  4. Click Regenerate recovery code in the popup window.
  5. Your new recovery code is displayed; write it down and keep it somewhere safe. Your old recovery code is instantly made invalid.

 Back to top

Was this article helpful? If not please submit a request here

How helpful was this article?