Two-Factor Authentication: Stronger Security for Your Savings

Ubiquity requires two-factor authentication (2FA) using Authy to protect your account from unauthorized logins. Authy provides 2FA via their iOS, Android and Desktop apps as well as SMS texts. For information on how to set up Authy 2FA for your Ubiquity account, see the “How do I set up 2FA on my account?” FAQ.

2FA cannot be removed—it is required to protect your account from unauthorized logins.

If you have not already set up 2FA on your account, log in to your retirement dashboard. After entering your password, you will be prompted to enter your mobile phone number for 2FA.

Enter the code you received via SMS or from the Authy app.
If you haven’t received the code or code has expired, click Re-send code.

We recommend installing the Authy Desktop app or if you own an iOS or Android tablet, you can also try the iOS and Android apps.

If you do not install the Authy app, you may use a landline, but it must be a direct line (no extensions) and a U.S. based phone number.

‍Landline Phone Number
‍See the “Can I use a landline phone number?” FAQ under Token Questions.

‍Web-Based Voice/Text Applications
‍You may use a web-based voice/text app instead of a mobile device. There are services, like Google Voice *, which allow you to make phone calls and send/receive text messages via the internet as compared to a traditional cellular service provider.

*Google Voice is a telephone service that provides call forwarding and voicemail services, voice and text messaging, as well as U.S. and international call termination for Google Account customers.

If your username is not your email address, this will need to be updated prior to setting up 2FA. Please contact us at 855.401.4357 to update your username.

The token is a unique number that your cellphone or App generates that is constantly changing.

There are a few reasons this may happen.

1. Authy App previously installed or not installed
• If you DO or DID have the Authy app installed on your mobile device at one time:
– You may not receive a text message
– You will need to open the Authy app on your device to retrieve the token
– If you are unable to use the Authy app at this time, see the “Note” below
• If you DO NOT have the Authy app installed:
– You can download the app to attempt to receive the access token
– Download the Authy desktop app direct from the Authy site here
‍– When setting up your Authy account through the app, you should use the same phone number that you entered on the Ubiquity 2FA setup screen
• Note: If you have, or have had, the app but would rather receive short codes, short number sequences sent by text message, through your mobile device, use this link to recover your account
– Recovery requests take 24 hours to review for security purposes
– Any existing Authy apps will no longer work, but you will be able to install a new one
■ If you do not re-install the Authy app, then you should begin to receive SMS (text messages)
‍– This recovery process will retain all backed up 2FA accounts, but any accounts or tokens that have not been backed up will be lost. For more information on Authy backup process, click here
‍2. Short codes need to be unblocked
Short codes are the codes that Authy will send to your mobile device via SMS. These codes may have been blocked from being delivered to your device.
• Sprint users – text “Allow 78156” to the number 9999, which may allow the Authy short code to be unblocked by your carrier.
• T-Mobile/AT&T/Verizon users – contact your provider to request that short codes be unblocked.
3. Using a landline phone number
If you entered a landline number, you will not receive a text message.
• Landline numbers can be supported. See the “Can I use a landline phone number?” FAQ.
• If you did not intend to use a landline as your 2FA phone number, call our employee support group at 855.401.4357.
4. Shared login
If you shared your login information with another person, and that other person used their own phone number to setup 2FA, please contact our employee support group at 855.401.4357.5. Phone number entered incorrectly
Please contact our employee support group at 855.401.4357.

‍Here is an article with more detail around why SMS may not be going through and how to troubleshoot.

If you have successfully received the token via text or Authy app, but when the token is entered on the website and “Verify” is clicked, either nothing happens, or you receive a “token is invalid or expired” message, see below:

Nothing happens
• If using Internet Explorer, there are some cookie settings that may interfere with your ability to pass the 2FA screen
• Possible solutions:
– Try a different browser. The site is optimized for Chrome
– Change Internet Explorer settings so that “Compatibility Mode” is not used for www.myubiquity.com

‍Receive a message “token is invalid or expired”
• If multiple devices have the Authy app installed (i.e. iPad, desktop computer, and mobile phone), it’s possible that the devices may need to be synced.
• Possible solutions:
— Try using the Authy token that is displayed on another device when attempting to login
— If that worked, you should be able to re-sync devices by logging out of all devices except for the one with the Authy token that works. Then, go to Settings → Devices Select: Allow Multi-device
— Log back into Authy on your other devices
—You should then be able to use the token from any device when logging in (NOTE: these are the steps when enabling “Multi-device” from a mobile phone, so the steps may be slightly different on a desktop or tablet version)

There are a couple reasons that this may happen.

‍Shared login
If you share a login with someone else, then the 2FA notification will be generated when other users try to access the account. For security purposes, an individual login will be required for each user going forward.

‍Using a data aggregator (i.e. Mint, Personal Capital, Envestnet, etc.)
If using a data aggregator like Mint.com, Personal Capital (Yodlee), Envestnet (Yodlee), or others, you may have entered your username and password into those application so that they could automatically pull in your account activity and balances. Now that 2FA is enabled, if your data aggregation software is pinging the myubiquity.com website, it will not be able to get past the 2FA token requirement until you login manually through your data aggregation app.This could explain why you are receiving 2FA notifications/texts when you are not expecting it. Note, Ubiquity does not send these notifications at random; our website triggers the notifications to be sent out when a login from a new device or IP address is detected, or 31 days after your last 2FA verification. Third party data aggregators may own multiple IP addresses and thus may trigger a 2FA validation each time they attempt to update account information.For more info about Data Aggregator apps, check out Why can’t I find Ubiquity in my Data Aggregation App (Mint, Personal Capital, Envestnet, etc.).If the above situations do not apply, please contact us at 855.401.4357 so we can ensure the security of your account.

Why am I required to enter a 2FA token multiple times per day?
It is possible that you are using a router that is dynamically generating your IP address throughout the day. For security purposes, the system will require you to enter a 2FA token each time your IP address changes.

If you do not have access (i.e., lost, locked out, damaged or stolen), to your old/previous phone associated with your Authy account and do not have the Authy Mobile app or the Authy Desktop app installed on another device, a phone change request will have to be made through the Authy website: https://authy.com/phones/reset/?proceed=true

‍NOTE: You will need another device ready to use before making this request and this process can take up to 48 business hours to complete.

‍If you do have access to your old / previous phone associated with your Authy account:
Open the Authy app on your old phone.
Tap Settings → General.
‍Tap Edit next to your phone number.Enter the new number.
Tap Save next to the new phone number.

If you do not have access to your old/previous phone associated with your existing Authy account, but do have your old number registered with another Authy Mobile app or the Authy Desktop app installed on another device:

‍AUTHY IOS & ANDROID APP
‍Open the Authy app.
Tap Settings.
‍Tap Edit next to your phone number.
Enter the new number.
Tap Save next to the new phone number.

‍AUTHY DESKTOP APP
‍Open the Authy Desktop app.
Go to Settings → General.
‍Tap Edit next to your phone number.
Enter the new number.
Tap Save next to the new phone number.

Not necessarily. The phone number entered during the 2FA registration process may be different that the number you have entered on your account. The contact phone number is listed just below “Contact Email”.

You CAN change your contact Phone number by editing your profile, but you will not be able to change your 2FA phone number in the profile area. If your 2FA phone number needs to change, refer to What if I change my phone number or lose my device?

Data aggregation software allows users to login to a single interface to view multiple financial accounts. For instance, you might use Mint.com to pull in information for a Bank of America checking, a savings account at Chase, a 401(k) at your former and/or current employer, HSA (Health Savings Account) accounts, an IRA (Individual Retirement Accounts), etc. To do this, the aggregation software requires you to provide the username and password for each of those individual sites.

Most aggregation sites will support a two-factor authentication step on your linked accounts, but some may not. For those that don’t, you will not be able to link your Ubiquity 401(k) account directly within that software.

If a data aggregation service does not currently support Ubiquity, you should reach out to support at the data aggregator site to ask them to add Ubiquity to their synced accounts.

You may need to manually re-sync your Ubiquity account by logging into your data aggregation app and going through the full login process, including 2FA.

‍Example: In Mint, you may see an alert that one of your Accounts needs attention. When viewing the issue, you may see that the Ubiquity account is no longer synced, so you will be prompted to login to the Ubiquity website THROUGH the Mint app.

Navigate to Login → Retirement Login
Enter username and password
Enter 2FA token
Your Ubiquity account should then be re-synced to Mint and not require 2FA at login each time

Most aggregation sites will support a two-factor authentication step on your linked accounts, but some may not. For those that don’t, you will not be able to link your Ubiquity 401(k) account directly within that software.

Yes, international numbers are supported.

If you do not have a mobile / cell phone, it is possible to use a landline phone number. Using a landline number requires that you download the Authy Desktop app or if you own an iOS or Android tablet, you can also try the iOS and Android apps on the App Store or Google Play.

‍The landline number used must be a direct line (no extensions) and a U.S. based phone number.

‍Note: Step 1 and Step 2 below can be done in alternate order. The steps show an example of setting up the Authy desktop app—the table steps may differ slightly.

‍1. Download and Setup Authy App

‍2. Download and install the Authy App

Not sure which to select?
• MacOS – select this if you are using a Mac (Apple product)
• Windows – select this if you are using anything other than Mac/Apple
– 32bit vs 64bit
■ Confirm which version of Windows you are using (see image below for example of how to confirm system type for Windows 10, 8.1, and 7)
■ If you’re not sure which version you use, Google search

‍3. Once installed, Open Authy and enter landline phone number and click “Next”              
‍4. Enter email address and click “Next”
‍Note: this does NOT need to be the same as the user/contact email on the Ubiquity website.                
‍5. Select “Phone Call”
‍Note: if you accidentally click “SMS” (text), you will need to logout of the Authy Desktop app and then log back in. You should then be able to select “Phone Call.”                
‍6. Enter your registration code using your touch-tone phone            

Troubleshooting

Once a device has been registered, this is what the verification screen will look like:            

If you accidentally click “SMS”, this is the screen that will come up.            

Input Landline Number as 2FA Phone Number
You should enter the landline phone number two times on the 2FA registration screen below.            

Enter Verification Code (token)
Be sure to have the Authy app open.

When you get to this screen shown below enter the code displayed for Ubiquity in the Authy app.