Trading 212 2FA

Aidanmc

gravel_2 said:

You will have to play the game, I'm afraid.

Personally I like the algorithmic/app based 2FA. No need to rely on the text system working, no potential delays in sending, in my pocket or nearby at all times.

I'm making a complaint to Trading 212, based on discrimination.

A couple of weeks ago i could withdraw from my account without any 2FA or smart devices.

Now to withdraw, i have to go and buy a tablet/smartphone.

If they were solely app based broker fair enough, i wouldnt have opened an account. But thats not the case.

gravel_2

Good luck.

As I said, you can run an authenticator as a browser extension.

Aidanmc

gravel_2 said:

Good luck.

As I said, you can run an authenticator as a browser extension.

how can i do this please.

gravel_2

I have never done it so am reluctant to recommend anything:
I believe KeePass may have the functionality.
WinAuth is a desktop application.
Authenticator.cc is the browser plugin.
2fast (https://apps.microsoft.com/detail/9p9d81glh89q)

booneruk

There's a Two-Factor authentication menu option in the Privacy & Security section within the settings of the T212 app. There could be something similar on the website.

Presumably it allows you to set up various 2FA options (I haven't done it myself though). There are traditional apps like Google Authenticator, Microsoft Authenticator, Twilio etc. I've never used a browser extension authenticator, but there certainly appears to be some.

Examples for Chrome: https://chromewebstore.google.com/search/authenticator

These might work with T212, but as I mentioned I've not tried. 

EDIT: The windows application mentioned in the previous post is at: https://apps.microsoft.com/detail/9p9d81glh89q 

(Brackets killed the link in that post)

Beddie

Even a basic Motorola smartphone for under £100 (on Amazon) would be money very well spent, for many reasons.
I realise you are against it, but at least consider it.

Northern_Wanderer

I use 212 on my laptop. The say I can set up 2FA on my trusted device. I set up a "trusted" device. Now it asks me to use an authenticator app. Then when trying to do something else it says it has sent an authentication code via Firefox. I don't see any code.

I'm not interested in using any authenticator apps on my phone. Or even the 212 app on my phone. I'm not sure I trust any add-ons on Firefox as no idea what they are actually doing....

As it stands, the only way I can access my "Flexible" ISA funds is to request a "Transfer In" via another provider.

I only need answers about using a Laptop with Firefox to withdraw not saying I have to "play the game"with authenticator app, thanks.

The "chat with us" on 212 is driving me nuts and we are going around in circles. There is no customer service phone number.

I can see that I will just transfer to another provider at this rate.

gravel_2

It sounds like you have installed an authenticator app on Firefox and loaded the T212 profile onto it?

My lay understanding is authenticators work by receiving certain information from the site you are trying to log in to (this is STATIC information, and will likely just be a string of numbers that mean something to T212). The authenticator then generates a code based on the info it has from T212 and the date/time you want a code. T212 has access to the same algorithm so can verify the code is correct. There is no personal data available to the authenticator and even if it was compromised it would still require password to be useful.

You should use your own due diligence on which authenticator app to use, especially if it's running as an application within the browser you use to log in to T212 (or any other site).

Using 2FA via an authenticator is good security practice... Having it on your phone should not concern you, especially if you have Android and use the Google or Microsoft authenticator apps.

cloud_dog

Northern_Wanderer said:

I use 212 on my laptop. The say I can set up 2FA on my trusted device. I set up a "trusted" device. Now it asks me to use an authenticator app. Then when trying to do something else it says it has sent an authentication code via Firefox. I don't see any code.

I'm not interested in using any authenticator apps on my phone. Or even the 212 app on my phone. I'm not sure I trust any add-ons on Firefox as no idea what they are actually doing....

As it stands, the only way I can access my "Flexible" ISA funds is to request a "Transfer In" via another provider.

I only need answers about using a Laptop with Firefox to withdraw not saying I have to "play the game"with authenticator app, thanks.

The "chat with us" on 212 is driving me nuts and we are going around in circles. There is no customer service phone number.

I can see that I will just transfer to another provider at this rate.

Have you installed an authenticator plugin or is there a native function within FF?

Usually when you set up a browser authenticator you need to get the information in to the authenticator extension, e.g. 'Trading212', and importantly the key to use to generate the temporary pass codes.

Have you set up an authenticator app and entered the security details?

Please note: I do not use browser authenticators but it is something we support with our software, and the above is how we have implemented support for browser authenticators.

booneruk

I think with most 2FA Apps, each 2FA utilising service you use gives a cryptographic seed upon setting up that your app reads in (via QR code or text input).

When you attempt to log in and are asked to input a code from the 2FA app, you're simply sending another cryptographic value generated within the app from a combination of the original seed and the date&time. Both the service and your app would be generating the same value so you enter the value shown in the app, the website compares its against yours and decides it's really you trying to log in. So, no information is sent from site to 2FA app (I believe the Microsoft authenticator works slightly differently in this regard).

If someone doesn't want to use 2FA apps they will find that stance more and more of a problem as time passes. 2FA via authenticator app is an eminently sensible and secure technology.