Two Factor Authentication

We have changed the login process for all Skyscanner’s WordPress sites to require the use of Two Factor authentication (2FA).

First Download the Google Authenticator App

Apple App Store Google Play Store

First Time Set Up

The video below shows a returning user setting up Google Authenticator 2FA the first time they log into WordPress (either after we enable it or when their account has just been created).

Note, if the Submit button doesn’t seem to do anything its probably because you need to click “View Options ->”, scan the QR code and enter the Authentication code.


Other authentication methods

Backup Verification Codes

After clicking the “Enabled” check box for Backup Verification Codes click “Generate Verification Code” and then save the 10 codes it shows you somewhere very safe. You will not be able to see these codes again within WordPress, but you can come back and regenerate 10 new codes at any time.

SMS

After clicking the “Enabled” check box for SMS enter your mobile/cell phone number using your international dialing code with a leading ‘+’.

For example in the United Kingdom I would enter ‘+44700900461’ not ‘0044700900461’.

How to use an alternate method

Below the “Authentication Code” field there will be a link (if you’ve set at least another up). If you click that you can use an alternate method.


New Login Flow

After you enter your username and password (we recommend you use a password manager so you can use a unique password on every site) you will be asked for a one time code which you can get from Google Authenticator.


Changing your Two Factor Authentication Option

1. Open Your Profile

2. Scroll to the Two-Factor Options section

3. Available Options

  • Time Based One-Time Password. More secure and requires
  • Backup Verification Codes. Keep these safe as they will enable you to regain access if you lose your phone and/or your email is locked out.
  • SMS. Get the code by text message.