New Feature Alert : No-IP Announces Two-Factor Authentication

We are so excited to announce the release of Two-Factor Authentication (2FA). This new feature helps keep our customers’ accounts secure by ensuring that only authorized people are able to access accounts. This helps limit the impact of malicious activity because it adds another layer of security on top of your password.

Why Two-Factor Authentication?

You may be wondering why No-IP added 2FA as a security feature, or even how 2FA is different from our current login policy. 2FA is one of the highest levels of security that can be implemented to ensure customer accounts remain secure. 2FA is a security practice that requires you to verify your identity using multiple forms of account verification.

When 2FA is enabled, you will log in with the same username and password, but you will be required to enter a time-based one-time password (TOTP) pin from an authenticator app of your choice on your smartphone.

It is more important than ever to enable data security measures like 2FA whenever possible. As threats like password breaches, keylogging, and other security threats are becoming a normal thing, 2FA is an added layer of account protection.

What are the Benefits of Two-Factor Authentication?

  • Additional layer of security on account login
    2FA requires users to identify themselves through additional verification measures, this helps protect accounts from theft. Making it so a password alone isn’t enough to authenticate a login. Lately, major password breaches across all industries happen so often that even a very secure password can be breached. 2FA adds another layer of security to help reduce this risk.
  • Identity Protection
    Identity theft and data breaches are all too common lately. 2FA ensures that if your username or password were ever leaked, your account is still protected by an additional layer of authentication.
  • Compliance
    Many of our customers work in industries like the Government and Health Industries that require extra compliance for third-party accounts.
  • Effective Cybersecurity Solution
    2FA is an effective strategy to keep accounts safe because it is difficult for hackers to crack both a password and have access to the 2FA device.
  • Easy Implementation
    We have made enabling and using 2FA simple and easy by offering authentication using TOTP, which is supported by various smartphone apps. You choose the one that works best for you.

How Do I Enable 2FA On My No-IP Account?

Login to your No-IP account, you can then find the 2FA option within your No-IP account under “Account” and then click ”Security”.

The first step is to choose which authentication app you will use. We suggest using AuthyDuoLastPass Authenticator, or 1Password. However, any 2FA application app that supports TOTP will work. You will then need to download and install whichever authentication app you choose.

After you have downloaded your authentication app, you will need to follow the steps for that certain app to finish the configuration process and fully activate 2FA. Please ensure that you keep your Recovery Codes in a safe place, so you can always get back into your account.

The following Knowledge Base Guides will help you configure 2FA on your No-IP account for the specific apps listed below. Consult your application’s documentation for support with other TOTP authentication apps.

Authy

Duo

LastPass Authenticator

1Password

What 2FA applications does No-IP Support?

Any 2FA application that works with TOTP will work with No-IP’s 2FA.

Does No-IP Require 2FA?

While we don’t currently require No-IP accounts to have 2FA enabled, we strongly suggest that you enable it. 2FA is a simple solution to help keep your No-IP account secure.

What Happens If I Lose Access To My Two-Factor Authentication App? 

When you set up 2FA you will be provided with ten, one-time-use recovery codes that allow you to get into your account without needing to enter your TOTP code. Each code can only be used one time. If you lose your backup codes and your authentication app, you will no longer be able to access your account. Keep these codes in a safe and secure spot that only you have access to.

If I have 2FA set up, do I need an account Security Question? 

Yes, if you ever need to contact No-IP Customer Support. we will need to verify you. One way of verification is by answering your security question. If you cannot verify your account, we will not be able to assist you.

Will you provide other factors of authentication besides TOTP and Recovery Codes?
For now, we are monitoring the usage of TOTP. However, we’re open to adding additional factors dependent on customer feedback.

Does My Dynamic Update Client (DUC) or Other Update Device Require Two-Factor Authentication When Logging In or Sending Dynamic IP Updates?

No, 2FA will only be prompted on our website at this time. We are currently working on separating the Dynamic Update Client credentials from dynamic updates completely. If you want to use different credentials other than your login, you can set up sub-account groups.

Source :
https://www.noip.com/blog/2022/02/22/new-feature-alert-ip-announces-two-factor-authentication/