At UK Cheapest, we enforce email-based Two-Factor Authentication (2FA) as the default method for securing client accounts. While TOTP-based 2FA (authenticator apps) is widely considered more secure in some cases, email 2FA provides a balance between strong security, ease of use, and account recovery. Here’s why we’ve made this choice:
1. Ensures All Customers Have 2FA Protection
• Many users do not set up TOTP-based 2FA, leaving their accounts vulnerable.
• Email 2FA is automatically enforced, ensuring that every customer benefits from an extra layer of security.
2. Easy Account Recovery
• If you lose your phone or access to a TOTP authenticator app, recovering your account can be difficult.
• With email-based 2FA, as long as you have access to your email, you can securely receive authentication codes and log in.
3. Reduces Risk from Lost or Stolen Devices
• If your phone is lost, stolen, or reset, you could be locked out of your account with TOTP-based 2FA.
• Email-based 2FA ensures that you can always regain access from any device with an internet connection.
4. No Need for Third-Party Apps
• Some users do not have smartphones or prefer not to install extra apps.
• Email 2FA works universally, making it more accessible to all customers.
5. Security When Email is Properly Protected
• We strongly recommend that customers secure their email accounts with a strong password and their own 2FA.
• If your email account is protected, then email-based 2FA is still a strong security measure.
Can I Use TOTP 2FA Instead?
At this time, email 2FA is the enforced method for all client accounts. However, we are continuously reviewing our security policies and may introduce optional TOTP 2FA in the future.
For maximum security, we strongly recommend enabling 2FA on your email account as well, ensuring that your account remains protected against phishing and unauthorised access.