What is Two-Factor Authentication
Two-factor authentication (sometimes shortened to "TFA" or "2FA") is a way to limit access to your account by using you cell phone in addition to your password to access your Write.app account. In a traditional 2FA setup, when you attempt to log in to a website, that site will send you a text message with a 4 to 6 digit PIN number. Before being able to log into your account you'll need to enter that PIN. Once the PIN is verified you are then prompted for your password and you can log in as usual.
This may seem like a bit of a hassle but the benefit of two-factor authentication is that anyone who would potentially be trying to "hack into" your account would need both your password and your cell phone to access your account.
Write.app's current implementation of 2FA is slightly different than most. Currently, rather than sending a PIN each time you log in we only require that you enter a PIN that we send via SMS when you click the "Forgot Password" link on the login page. Most attackers will attempt to break into your email account and then begin changing passwords for the various accounts you own. It is more likely that an attacker would take this route rather than try to guess your password. This is why we currently only implement 2FA for forgotten passwords. In the future we plan to expand two-factor authentication to the entire login process instead of just the forgot password functionality.
Activating Two-Factor Authentication
Before you can use Write.app's Two-Factor Authentication you must first have a Premium account. Premium accounts are only $4.99 (one-time fee) and you can upgrade by logging into your account and clicking the big red "Upgrade" button at the top of the page.
Once you have a Premium account and are ready to activate 2FA, log in to your account and click the Settings link in the main nav bar at the top of the screen. This will take you to your settings. Once there click the "Security" tab in the sidebar. Under the option to change your password you should see an option to enter a mobile number. Enter your mobile phone number (do NOT include any spaces or dashes - use only numbers) and then check the box that says "Enable two-factor authentication". Now press the red "Update" button and your preferences will be saved.
You have now successfully enabled two-factor authentication and will be prompted to enter a PIN the next time you reset your password through the "Forgot Password" page.