We’re pleased to announce that Brightbox now supports Two-factor authentication.
Two-factor authentication (2FA) has been a rather long-running feature request so we do appreciate your patience!
Setting up 2FA on Brightbox only takes a minute or two and will be a very familiar process if you already use 2FA with other services such as Github or Stripe.
To enable 2FA simply head over to Brightbox Manager, choose “Two-factor Authentication” from the user menu and then follow the setup instructions. You can use any TOTP (Time-based One Time Password) app such as Google Authenticator, FreeOTP or Authy etc.
Once you’ve enabled 2FA, whenever you log in to Brightbox Manager you’ll be prompted for a 6-digit code which you can get from your TOTP app.
Also, once enabled, a 2FA code will be required anywhere where you authenticate
with your email and password (our CLI tools for example). Rather than modify all
possible tools that authenticate with the
Brightbox API we’ve added the ability to append a 2FA
code to your password separated by a “+” sign e.g. mypassword+123456
.
Alternatively, you can obtain a temporary access token from Brightbox Manager and use that in place of your password. The temporary access token will expire every few hours.
It’s worth noting that account-based API clients (as opposed to user-based), which allow you to generate credentials with reduced privileges for use with scripts and other automated systems, don’t require 2FA codes since they are not designed to be used by users directly (they can’t be used to log in to Brightbox Manager for example).
Once enabled, two-factor authentication adds another level of security to your account. You can easily review which of your collaborators have it enabled and, in future, you’ll be able to enforce it across your account.
Just remember to store your backup codes safely!
You can sign up for Brightbox in just a couple of minutes and get a ÂŁ50 free credit.