Two-factor Verification via Auth Apps

Two Factor Verification via Auth Apps

Security is something we take very seriously at Backblaze. All Backblaze backups occur over HTTPS, are encrypted, and we even have private encryption key functionality available for those who wish to add another layer of protection. In 2015, we added two-factor verification via SMS to our service, which allowed customers to use a mobile device to verify that they were indeed the ones accessing their Backblaze accounts. Today we are announcing our latest step in helping customers protect their Backblaze accounts—two-factor verification via authenticator applications like Google Authenticator and Authy. To enable that, we now support the ToTP protocol.

What Is ToTP?

ToTP stands for Time-based One Time Password, and it allows customers to use service like Google Authenticator, Authy, or others to access their accounts in a more secure way. This is the underlying authentication algorithm for the vast majority of authentication apps on the market today. A user that has ToTP enabled can use their authentication app of choice for an added layer of security. Users will first log in with their account’s username and password, the incremental layer of security happens next—the authenticator app will generate a time sensitive password that is valid for only one use.

For a lot of people, receiving SMS messages is cumbersome, and doesn’t always work. Now Backblaze users can choose two-factor verification via SMS or authentication app.

Enabling Two-factor Verification:

When you log in to your Backblaze account, on the left hand side, go to “My Settings,” and navigate towards the middle of the page where you will see your “Sign-In Settings.” Click on that to make the change.

Backblaze 2FA setup

If you haven’t already, you will need to enter your phone number to enable two-factor verification.
ToTP SMS message

Once done, you will be able to select the frequency at which Backblaze will ask for an advanced authentication method, and you will be able to select your desired method, two-factor verification via SMS or app.
ToTP authorization

That’s it! We hope you like it!

About Yev

Yev Pusin is the senior director of Marketing and sometimes Marketing chief of staff at Backblaze, which he joined in 2011. Yev has a degree in business and communications from the University of Iowa, where he developed an alliteration affinity. Yev enjoys writing in an amusing way about the "why" of things and how decisions are made, so that readers can learn and be entertained all at once. Follow Yev on: Twitter: @YevP | LinkedIn: Yev Pusin