As previously discussed in our Hot Topic on account security, it is imperative for Kriptomat to implement a 2-factor authentication step for our users’ accounts and, although tedious, it can save you a world of trouble.
The most frequent issue that our users face with 2-factor authentication is not receiving the SMS verification code sent to their mobile devices upon logging in. For this reason, we would like to address why this can happen and possibly convince you that we are not, in fact, purposely keeping you from logging in to your account.
Where is my SMS code?
In the majority of cases, the issue lies with your mobile service provider. Simply and straightforwardly put, this is where the interruption occurs and we will explain precisely why this happens.
Mobile service providers can oftentimes implement filters for unwanted or Spam messages, especially if the SMS are automated and are not from a regular number. Their system will essentially block the messages altogether, thereby never delivering them to your device. If our team confirms that the SMS codes have been sent from our server successfully, then there is no doubt that the issue is on your provider’s end.
Luckily, there is a very simple solution to this; all you need to do is call your provider and make sure that they have enabled all messages to your device and are not filtering Kriptomat’s SMS codes as Spam.
The second most common reason for SMS not being delivered to your device is a network interruption due to poor range. This primarily happens when you are abroad visiting a different country, whereby your device is in roaming or has poor reception due to using a third party provider.
In fact, if you're in an area with weak or no mobile network coverage in your own country, it can affect the delivery of SMS messages. Make sure that you have a stable network connection before logging in to your Kriptomat account.
Unfortunately, in this case, your provider will not be able to assist you, however, fear not! We have a solution for this coming up next!
New generation authentication method
You’ve heard it before but, in case we didn’t make it clear enough, we fully endorse (and love) Google 2-factor authentication.
Google 2-factor authentication does not require a provider or a network connection at all. The codes are generated on a continuous loop via the Google Authenticator app and can be used with or without an internet connection. It can be used for multiple websites and accounts and operates independently of your phone number, which eliminates the risk of SIM-swapping attacks (more on that here).
All you need to do to start using Google 2-factor authentication is download the Google Authenticator app on your phone, enable the option within your Kriptomat account and make sure to save the recovery key!
If you lose your device and subsequently lose access to your app, this is the key that will enable you to recover all OTPs once you download the app again.
Nevertheless, we like to keep our I’m-not-receiving-SMS-codes hotline open at all times should the issue persist. Our team is always available to check this for you and conduct further investigation if need be, simply reach out to us on [email protected].