Enabling two factor authentication is a great way to protect yourself from phishing attacks and helps keep your Arch information secure.
How does it work?
Two factor authentication works to secure your account by requiring an additional factor of information at sign in time. That is, it is not enough to have your email and password to get access to your account. If someone gets access to your email and password they still won't be able to get access to your Arch account.
Currently, Arch supports Time-based One-Time Passwords (TOTP). These are constantly changing passwords that a user generates for each login and that the login server (Arch) can verify.
These one time passwords are managed using an application such as Google Authenticator or Twilio's Authy. If you're already using a password manager such as 1Password, it can handle this in addition to keeping the password itself secure.
Getting started
Go to the Security section under your Account and find the section labeled Two factor authentication.
How to set it up
Setting it up shouldn't take more than two minutes:
Choose 'Enroll' for "Time-based One-Time Password".
Make sure you have an authenticator app like Google Authenticator, Authy or 1Password.
You'll be asked to scan a QR code on the screen. Scan it with your authenticator app, then enter the one time password the app displays.
When you log in the next time, you'll need to enter your password and then a code generated from your authenticator app.
Important: When you set up 2FA you'll be provided with a recovery code. Save this code to avoid potentially being locked out of your account if you lose access to the authenticator app.
Using it
After enabling 2FA, you'll log in just like you're used to, and after providing your email and password, you'll be asked to provide the one time password.
Lost your 2FA device?
If you happen to lose your 2FA device, you can use the recovery code provided during sign up to log in. After using the recovery code you'll be asked to save a new recovery code, as each code can only be used once.
Once you've successfully logged in with the recovery code, head over to the Security section under your account and reset your two factor authentication by disabling it and enrolling again.