Shifter provides multi factor authentication (MFA) in two ways:
- SMS based
- Time-based One-Time Password algorithm (TOTP)
We describe how to enable SMS based MFA on this document.
If you're thinking to handle Shifter with API, never enable this feature; currently, it is irreconcilable with this MFA.
When you lost an MFA device
Contact the support desk with your registered email address and domain name.
We love to help you.
1. Login to Shifter dashboard
To get started with Multi-Factor Auth on Shifter log in to your account and navigate to your Account Settings.
2. Click [Account]
3. Make sure Two-factor authentication status is "Disabled"
Before you make any changes to your account check that this feature is off. You wouldn't want to get locked out of you own account.
4. Confirm or Update your Phone number
This step is crucial! Don't skip it. You need to be sure that your contact number is correct and you can access it. It will be your primary way to receive your auth code.
5. Enable Two-factor Authentication
Now that your number is validated you can enable 2FA.
Choose SMS then click [Update] button
6. Logout and login again
Let's check MFA works on your account. Login with email/username and password as you normally would. After that you'll get a prompt for a unique auth code.
You've now added an additional layer of security to your static WordPress sites on Shifter.