How to set up multi-factor authentication for your GoldFynch account

We highly recommend that you set up multi-factor authentication (also known as two-factor authentication in systems like the one GoldFynch uses) to maximize the security of your GoldFynch account and protect against unauthorized access. This is, however, an optional security measure.

The authentication can be done either using SMS that is sent to your mobile device, or using an authenticator that you will need to install on your mobile. To set up the authentication, you will need a valid phone number to receive a one-time password (as a text message.)

Enabling multi-factor authentication (MFA)

Step 1. Sign in to your GoldFynch account

Step 2. Open the menu in the top-right corner of the screen and click on the “App Settings” button

Step 3. In the “Security Settings” tab, click on the “Setup MFA” button

Click on the Setup MFA button in the security settings tab of the App Settings screen accessed from the top-right menu

Step 4. Enter your country and mobile phone number then click on “Continue”

enter your country and mobile number

Step 5. Enter the code your receive via SMS into the text box and then click on “Continue”

Step 6. Choose one of the two validation methods and click on “Continue”

Choose an authentication method

Setting up validation via SMS

An automatic message will be sent to the phone number you used for verification (in step 4.) Each time you attempt to log into your GoldFynch account, you will be sent a verification code (if your login credentials were correct) and will be prompted to enter it to log in fully.

IMPORTANT: Don’t miss out on the Saving your Recovery Code section below.

Setting up validation via an authenticator

After choosing the “Use an Authentication App” option, a QR code will be generated (partially-obscured in the image below.)

First, if you have not already, install an authentication app on your mobile device (Find out more about setting up the Google Authenticator here, and about setting up the recommended validator Authy *here*)

  • Then, use the authenticator to scan the QR code.
scan the QR code generated

This will establish the connection between GoldFynch and your authenticator. Each time you log into GoldFynch, you will be prompted to generate a validation code from your authenticator that then needs to be entered into the GoldFynch login screen after entering your login credentials.

An example of an authentication code

IMPORTANT: Don’t miss out on the Saving your Recovery Code section below.

Saving your Recovery Code

After setting up your verification method, you will be prompted to save a recovery code similar to the one in the image below (part of the code is obscured in this image.) Make sure to keep a copy of this code in a secure location–you will need it to regain access to your account if you are unable to log using the authentication method you set up.

An example recovery code

After taking down the recovery code, check the checkbox and click on “Continue” to complete your MFA setup.

Logging into your account

Step 1. As usual, enter your login credentials on the GoldFynch login screen and click on the “Log in” button. Another screen will appear, asking for a verification code.

Step 2. If you chose SMS as your validation method, you will be sent an SMS with the code. If you chose to use an authenticator, generate a code for GoldFynch. Either way, enter the verification code into the text box.

Enter your validation code into the box and click on Verify

Recovering your account

If you lose access to your GoldFynch case and are unable to log in using either of the authentication methods, you can recover it using a recovery code (see Step 4. Saving your recovery code above.)

Using a recovery code

Step 1. Click on the “Use Recovery Code” button (as seen in the image above, in the “Logging into your account” section) Step 2. Enter your secure recovery code, and click on the “Verify” button

Enter your recovery code and click on Verify

NOTE: After using a recovery code your multi-factor authentication will be disabled and you will need to set it up again if you wish to continue using it.