How do I use two-factor authentication?


Two-factor authentication (2FA) is an extra layer of security that makes it more difficult for an unauthorized user to access your account. 2FA refers to either setting up SMS authentication or installing a general-purpose authenticator app on your mobile device. Using 2FA is required for all Brex users.

Please note that Brex does not require installation or download of a browser extension to access your account. You should always exercise caution when installing browser extensions.

How it works

When you sign in to Brex with 2FA enabled, you’ll receive a prompt for a code in addition to your password. Brex offers two ways to receive a code:

  • Authentication app (Google Authenticator or Twilio Authy)

  • SMS text message

We recommend using an authentication app because it’s more secure than SMS and doesn’t require a working cell network or internet connection.

Please read the relevant section below to either establish your 2FA for the first time or to switch from one method to the other.

Authentication app setup

First, download one of the authentication apps below.

After you have the app, please ensure that your device's date and time settings are configured to automatic mode. Google Authenticator and Twilio Authy generate 2FA codes using the current time on your device so if the time is set incorrectly, the wrong code will be generated.

Next, follow these steps to connect the app to your Brex account.

Step 1: Click your company name at the top right of your dashboard and go to Settings.

Step 2: Under Personal, find Two-factor authentication and click Change method.

Step 3: Choose Authentication app and click Continue.

Step 4: Open your authentication app and use it to scan the QR code, then click Continue.

If you can’t scan the QR code, choose manual entry on your app, and enter the code shown on the screen.

Step 5: Enter the six-digit code from your authentication app and click Continue (the code typically expires after 30 seconds).

Step 6: Copy or download the recovery codes and save them in a secure place, then click Continue.

Once 2FA is enabled, it cannot be disabled. If you ever lose your phone, you can use your recovery codes to sign in to Brex. Each recovery code can be used once.

SMS text message setup

To set up SMS authentication, follow the steps below.

Step 1: Click your company name at the top right of your dashboard and go to Settings

Step 2: Under Personal, find Two-factor authentication and click Change method.

Step 3: Choose Text Message and click Continue.

Step 4: Enter the phone number you want your code sent to and click Continue. This phone number will replace any existing phone number on your account and will be used for customer communications and fraud prevention moving forward.

Step 5: Enter the six-digit code sent to your phone number and click Continue (the SMS code will typically expire after three minutes).

Once 2FA is enabled, it cannot be disabled. If you need to update your phone number, please read How can I update my phone number?.

Was this article helpful?

|

Still can't find what you're looking for?

Chat with us->