FAQs

Multi-factor authentication (aka “MFA”) is a security method whereby account access is only granted after the user successfully presents two or more pieces of evidence that they are who they say they are. Withdrawing money from an ATM is a good example of MFA, because the machine needs two pieces of authentication information before allowing you to withdraw money from your account: 1) your bank card; and 2) your pin number. If you want more nitty gritty details, see Wikipedia’s article on MFA.

Without MFA, an account may only ask you for one piece of information – usually a password or a pin number. All it takes to gain access to your account then is someone finding or guessing your password – so make sure it’s a strong one!

Qwill allows you the option of enabling MFA to help keep your account more secure from unauthorized users. The two pieces of information we use are:

1. Password (must be at least 6 digits long)
2. An “MFA” code

An MFA code is a unique authentication code that is randomly generated by a third-party that has been linked to your Qwill account. During setup, Qwill will give you a unique key that you can manually enter or scan into a third-party authentication app – we recommend Google Authenticator. This allows Google Authenticator to link to your Qwill account. It will begin to randomly create unique 6-digit codes every 30 seconds. Each time you sign in to your Qwill account, after you enter the correct password (#1), we’ll ask for your MFA code (#2) for extra verification. You’ll open the Google Authenticator app, and there you can copy the latest 6-digit code associated with your account. Now in order for an unauthorized user to gain access to your account, they have to know both your password to Qwill, and have to know both your password and your generated 6-digit code

For instructions on how to set up multi-factor authentication, visit one of these articles:

• FAQ for how to enable MFA on your iPhone.
• FAQ for how to enable MFA on the web app.