Using 2FA apps

Every time you log in to your Mercury account, you will be asked to provide a second form of authentication. This is called two-factor authentication (2FA).

We require all users to set up at least one authentication method in the form of a 2FA app. Later, you can choose to set up a security key as your preferred authentication method instead.

How do 2FA apps work?

After you enter your email and password on the login screen, you’ll be prompted for a 6-digit 2FA code to authenticate your identity. These temporary codes are generated by a 2FA app, and usually reset every 15-30 seconds. This makes them more secure than text message codes, because they require you to have a physical device in your possession at the moment of login.

Setting up your 2FA app

Your Mercury mobile app doubles as a 2FA app. Once set up, we’ll send you a push notification every time we detect you trying to log in so you can quickly tap to retrieve your code.

You can also choose to use a third-party 2FA app like Authy or Google Authenticator instead, but you may be required to sign up for an additional account through them.


Using the Mercury app for 2FA

Setting up 2FA on your mobile app only takes a few minutes. First, make sure you’ve downloaded the Mercury app from the App Store or Google Play (or scan the QR code below and we’ll point you in the right direction).

Once you’ve downloaded the Mercury app, do the following:

  1. If you’ve just opened your Mercury account, log in from a desktop or laptop and locate Set-up two factor authentication in your new user checklist to find your setup instructions.
    1. If you previously set up a third-party 2FA app but would like to use the Mercury app instead, go to your Security settings, scroll to the Two-factor authentication section, and click Reset next to the row that says 2FA app (Third-party).
  2. Open the Mercury app. On the login screen, tap Two-Factor Authentication. If you’re already logged in, go to Profile > Security > Two-Factor Authentication.
  3. Use the Mercury app to scan the QR code or tap Enter manual code instead to enter the alphanumeric code from your setup instructions.
  4. Your app will generate a unique confirmation code. Enter this in Step 3 of your setup instructions back on your computer.

 

 

Using a third-party app for 2FA

If you’d prefer not to use the Mercury mobile app, you can choose a third-party 2FA app instead. Here are a few we like:

Once you’ve downloaded the app, do the following:

  1. If you’ve just opened your Mercury account, log in from a desktop or laptop and locate Set-up two factor authentication in your new user checklist to find your setup instructions.
    1. If you previously set up a third-party 2FA app but would like to use the Mercury app instead, go to your Security settings, scroll to the Two-factor authentication section, and click Reset next to the row that says 2FA app (Third-party).
  2. Open the app and follow the prompts they provide. You may need to set up a separate account with them, depending on the app.
  3. In your setup instructions, go to the Third-party app tab, then scan the QR code with your 2FA app. You can also enter the manual code instead if scanning doesn’t work.
  4. Your app will generate a unique confirmation code. Enter this in Step 3 of your setup instructions back on your computer.

Changing or resetting your 2FA app

Go to your Security settings, scroll down to Two-factor authentication, and click Reset in the “2FA app” row, then follow the instructions above to set up your new 2FA app.

Once you reset your 2FA app, just make sure to store your backup codes in a safe place. Backup codes allow you to gain access to your account if you ever lose access to your 2FA app. For more info, check out our guide to backup codes.