Every time you log in to your Mercury account, you’ll need to verify your identity with a second form of authentication. This is called two-factor authentication (2FA), and it helps keep your account secure.
All users must set up at least one 2FA method using an authentication app. You can also set up a security key later if you prefer.
How 2FA apps work
After you enter your email and password on the login screen, you’ll be prompted for a 6-digit 2FA code to authenticate your identity. These temporary codes are generated by a 2FA app, and usually reset every 15-30 seconds. This makes them more secure than text message codes, because they require you to have a physical device in your possession at the moment of login.
Setting up your 2FA app
Your Mercury mobile app doubles as a 2FA app. Once set up, we’ll send you a push notification every time we detect you trying to log in so you can quickly tap to retrieve your code.
You can also choose to use a third-party 2FA app like Authy or Google Authenticator instead, but you may be required to sign up for an additional account through them.
Using the Mercury app for 2FA
Setting up 2FA on your mobile app only takes a few minutes. First, make sure you’ve downloaded the Mercury app from the App Store or Google Play (or scan the QR code below and we’ll point you in the right direction).
Once you’ve downloaded the Mercury app, do the following:
- If you’ve just opened your Mercury account, log in from a desktop or laptop and locate Set-up two factor authentication in your new user checklist to find your setup instructions.
- If you previously set up a third-party 2FA app but would like to use the Mercury app instead, go to your Security settings, scroll to the Two-factor authentication section, and click Reset next to the row that says 2FA app (Third-party).
- Open the Mercury app. On the login screen, tap Two-Factor Authentication. If you’re already logged in, go to Profile > Security > Two-Factor Authentication.
- Use the Mercury app to scan the QR code or tap Enter manual code instead to enter the alphanumeric code from your setup instructions.
- Your app will generate a unique confirmation code. Enter this in Step 3 of your setup instructions back on your computer.
Using a third-party app for 2FA
If you’d prefer not to use the Mercury mobile app, you can choose a third-party 2FA app instead. Here are a few we like:
- Authy (App Store | Google Play)
- LastPass Authenticator (App Store | Google Play)
- Google Authenticator (App Store | Google Play)
Once you’ve downloaded the app, do the following:
- If you’ve just opened your Mercury account, log in from a desktop or laptop and locate Set-up two factor authentication in your new user checklist to find your setup instructions.
- If you previously set up a third-party 2FA app but would like to use the Mercury app instead, go to your Security settings, scroll to the Two-factor authentication section, and click Reset next to the row that says 2FA app (Third-party).
- Open the app and follow the prompts they provide. You may need to set up a separate account with them, depending on the app.
- In your setup instructions, go to the Third-party app tab, then scan the QR code with your 2FA app. You can also enter the manual code instead if scanning doesn’t work.
- Your app will generate a unique confirmation code. Enter this in Step 3 of your setup instructions back on your computer.
Changing or resetting your 2FA app
To change your 2FA app:
- Go to Settings > Security
- Scroll to "Two-factor authentication"
- Click Reset in the 2FA app row and follow the setup steps for your new app
Reminder: Store your backup codes in a safe place. These can help you access your account if you lose access to your 2FA app. Learn more in our backup code guide.