Casa uses TOTP (Time-Based One-Time Password) 2FA, which can be used with apps like Google Authenticator, Duo, or Yubico/Yubikey. 2FA in Casa App is used specifically for logging in to one's Casa account in Casa App. 2FA does not currently protect login to our web app at app.keys.casa.
2FA protection, in this instance, is not used when sending funds, only for authenticating into Casa App on one's mobile phone.
2FA account protection is not currently available at the Silver and Gold levels of membership.
"How do I enable 2FA?"
From your "Security" tab in Casa App, toggle "2-Factor Authentication" on.
This will show you a TOTP authenticator code, which you can copy from Casa App and paste into your TOTP 2FA app like Google Authenticator.
If you already have Google Authenticator or other authentication app downloaded, Casa App will show you the option to automatically add Casa to your authenticator app (NOTE: this features is currently available for Android only, and will not currently work with the authenticator app "Authy").
It's a good idea to write down your backup code, or keep in saved in a password manager. Some authenticator apps allow encrypted cloud backups, which is also an option. As long as you have a backup of some kind, you can be sure that you will be able to easily log into Casa App when migrating to a new phone in the future.
Scan the code using the 2FA app, or manually enter the code. If the app prompts you to select "Time Based" or "Counter Based," select "Time Based."
Casa App will prompt you to enter the newly-generated TOTP code from your authenticator app into Casa App, to confirm that the TOTP key has been correctly input.
Once you enter it correctly, you will get a success notification.
"How do I use it?"
You will need to enter the newest code that your authenticator app generates each time you log in to Casa App on your mobile device. The easiest way is to copy the code in your authenticator app, then paste it into Casa App.
"How do I disable 2FA?"
You can only disable 2FA yourself if you have current access to your TOTP authentication token.
To initiate reset of your 2FA if you've lost your authentication token, or you wish to change your token, select 2FA in Casa App, then select "Disable." You'll be prompted to enter your current 2FA code in order to disable 2FA.
If you have previously enabled 2FA in Casa App, and do not have access to your TOTP token, you will need to contact your Client Services representative to schedule a verification call (you can do this by tapping the "Need Help? Contact Support" button in the app). The Client Services Rep will be able to disable TOTP for you on your account after verification.
Once 2FA is reset, you can either re-add new authentication or forego 2FA authentication moving forward.