Looking to add another layer of security to CertCentral? We recommend implementing two-factor authentication for your account. Two-factor authentication allows you to require two methods of identity verification before someone can sign in to CertCentral and purchase certificates or access account information.
Requiring two forms of identification means a bad actor who gains access to someone's account password does not have instant account access. Why? Without the required second form of authentication, no one can sign in to that account.
By default, CertCentral requires one form of authentication: something only you know. Each user must create credentials—username and password—for their CertCentral account before they sign in. These credentials are always required, even if you don't implement two-factor authentication.
However, with two-factor authentication, entering your credentials is only the first step to accessing your CertCentral account.
CertCentral allows you to require a second form of authentication before someone can sign in: something only you have. When implementing two-factor authentications, the "something you have" can either be a client certificate installed on a device (such as your laptop or phone) or a one-time password generated from a one-time password (OTP) application device
Client certificates let you control what devices a user can access their account from. Users can only access their account from a device their client certificate is installed on. Client certificates may also require a user to use a specific browser to access their account.
An OTP app installed on a mobile device allows users to log in from any device. Because our two-factor authentication process implements the Time-based One-Time Password (TOTP) protocol, you must use a mobile application that supports the TOTP protocol.
The TOTP protocol supports a time-based variation of the One-time password (OTP) algorithm. Each time an OTP is generated, it can only be used for a brief period. Once expired, the OTP cannot be reused. OTPs with short lifespans improve security.
Most OTP applications compatible with the TOTP protocol will work with our process. We tested these OTP applications:
Implement and use two-factor authentication