Help: FAQs, overviews and step by step guides

Two-factor authentication

You can set two-factor authentication for your BullionVault account to increase security. When you login, you’ll be asked for your username and password as normal and then be asked for a one-time-use code that you get from an app on your mobile phone (or tablet). This means that even if someone gets hold of your username and password, they still won’t be able to log in to your account without access to the app on your mobile phone.

The procedure

Step 1. You need to download and install a two-factor authentication app, such as Google Authenticator or Authy, on your mobile phone.
Step 2. LOGIN, and go to ACCOUNT > Settings.
Step 3. Under the section for Security Options / Two-factor authentication, press 'Edit'
Step 4. A black-and-white QR code will be displayed. Open the two-factor authentication app on your mobile phone. The app you choose will have specific instructions, but usually it will ask you to scan the QR code with your phone’s camera. This will generate an authentication code — submitting this code will enable two-factor authentication on your BullionVault account
Step 5. You should explore the back-up/recovery options for your app in case your phone is lost or broken. One option may be to set up the app on multiple devices. If you completely lose access to your app authentication code, you will need to clear the two-factor authentication from your BullionVault account by resetting your password.

What happens next?

  • From now on when you log in you will be asked for a code generated by your authenticator app. Check the app to find the current code - each code will only work for a short period of time.
  • If you forget your login details, or have been barred from logging in, please contact BullionVault for assistance.

How does this check protect me?

The two-factor authentication check protects you if someone gains access to your password (e.g. by "shoulder surfing" — someone watching over your shoulder to see your password when you log in). Each two-factor authentication code is only valid for a short period of time. Even if someone knows your password, they will still not be able to to log in without a code from the app on your phone.