Multi-factor authentication
By default Elestio use Email based MFA, each time you login to Elestio we will send you an email with one time code to enter in our UI to be able to connect. This protection is in place to enforce security and to avoid account hacking.
We also have TOTP based MFA, this is more secure because it's based on an app installed on your phone to generate TOTP codes instead of us sending them by email. So even if your mailbox is compromised your Elestio account will still be safe.
We recommend all users to use TOTP Generator, you can activate it in few clicks from our dashboard > user profile > security tab
Process to activate TOTP MFA on your account
1) Open the account security tab here: https://dash.elest.io/account/security
2) Click on Configure MFA button
3) Download an authenticator app: Authy (recommended) or Google Authenticator or Microsoft Authenticator
4) Open your authenticator app then scan the QR code on the screen
5) Generate a code with your app and enter it on the Elestio screen
6) Click on Validate
Done, Strong MFA is now enabled on your account and will be required to login to your Elestio account