Two-factor authentication (2FA) is becoming standard across the internet, with widespread support from all major technology companies.
In order to help protect your customer portal account, we now require two-factor authentication.
Two-factor authentication on our website is mandatory, in much the same way that chip-and-PIN on your credit or debit card is mandatory -- they both play a big role in keeping you safe. Chip-and-PIN is also a form of two-factor authentication: something you have (the card) and something you know (the pin). In the case of our website, the thing you have is the Google Authenticator app on your phone, and the thing you know is your password.
This helps protect your account in case your password is ever accidentally exposed -- which most commonly occurs when reusing the same password on multiple sites and one of those other sites gets hacked. When this happens, the email and password combination you used on the hacked site is often published online for anyone to see, and that leads to people or bots trying your email and password combination elsewhere on the internet to see where they can get in. Two-factor authentication protects you against this sort of identity theft (one of the most common types) by needing a code from your phone, in addition to your email and password, to prove that it's really you trying to login.