Multi-Factor Authentication (MFA, also know as 2-Factor/Step Authentication or 2FA) provides an extra layer of security to prevent anyone else from accessing your CaFE account even if your password is stolen.
You can also reset your password with MFA once it is enabled, instead of using the classic authentication (security question/answer) that you are likely to forget.
Therefore, we recommend enabling MFA on your account.
Requirements for MFA
- An authenticator app installed on your smartphone or any device or computer with the internet access
- Access to your CaFE account with a web browser (not on your smartphone as the mobile version currently doesn't provide the settings for MFA)
- A recovery email address (mush be different from the one you use to log in)
Initial set up
- Install an authenticator app, such as Google Authenticator (iOS / Android) or Authy (iOS / Android / Desktop), or any other app you like
If you already have any app installed on your smartphone, skip this step.
If you prefer the Desktop version, try Authy, although you still need your mobile phone in the initial setup process.
- Log in to CaFE, and go to the My Details page
Click the top-right icon, then select My Details.
- Click the Set up in the Multi-Factor Authentication section
- Set up your authenticator app
Firstly, add your account to your authenticator app by scanning the QR code or entering the Setup key.
If the QR code scan doesn't work or you use the Authy Desktop version, please enter the Setup key manually.
When your account is registered successfully, your authenticator app will show a one-time 6-digit code that is likely to refresh every 30 seconds.
Then, click the Continue button in CaFE and enter the code to authenticate your authenticator app.
- Set up your recovery email address
Enter your recovery email address and click the Continue to send a 6-digit verification code to the email address.
Check your email box and enter the code to verify the email address. If you cannot find it in your inbox, please also check your spam folder or just wait for a few minutes.
Please note that this email address must be different from the one you use to log in to CaFE.
It will be used as an alternative authentication method when your authenticator app or smartphone is not available.
Log in with MFA
From now on, when you log in, you will be asked to enter an authentication code generated by your authenticator app as below after your password is successfully confirmed.
If the authenticator app or your smartphone itself is not available when you log in, click the Use another authentication method to use your recovery email address instead.