Two-factor authentication (2FA) helps secure and protect your MaxMind account by adding an additional layer of security. With two-factor authentication set up on your account, you will be prompted for a security key after entering your password when attempting to login. Two-factor authentication is not required, but we recommend using it when you have a compatible security key.
We currently support 2FA with security keys that are compliant with the FIDO2 standard. Some examples of supported keys are Yubikey and TouchID.
Admin users cannot manage two-factor authentication on behalf of other users. Each user must set up, manage, or disable their two-factor authentication separately.
Two-factor authentication is currently supported on the following browsers:
- Google Chrome (67+)
- Firefox (60+)
- Edge (18+)
- Safari (13+)
- Opera (54+)
To set up two-factor authentication, click on ‘Two-Factor Authentication’ in the Account menu of your account portal [direct link, login required].
Set Up Recovery Method
Before you register your first key, you must set up an account recovery method in case you lose access to your security key. The system will allow you to register a security key without a recovery method, but it will not prompt you for your security key until the recovery method has been set.
MaxMind uses one-time access codes for account recovery. You can generate one-time access codes by clicking ‘Generate recovery codes’ under ‘Set up recovery methods’. The codes will be displayed to you in your browser, and they will only be displayed once. You should copy them and store them in a secure location. If you navigate away from the page without storing your one-time access codes, you should generate new codes. If you lose access to both your security key and your one-time access codes, you will have to contact our support team to regain access to your account.
Register a Security Key
Next, click on ‘Register new key’. Give your security key a name that will be easy to remember, and then click ‘Next’. You will now be prompted to register your key through your browser.
Please note that authentication details are not shared between different browsers so, depending on the kind of key you’re using (Touch ID, for example), you may need to register your key separately through each browser you intend to use to access your account. Users may register up to 5 security keys.
Confirm that Two-Factor Authentication is Active
When two-factor authentication has been successfully set up on your account, you will see a green banner at the top of your Account summary on your account portal.
Removing Security Keys and Recovery Methods
In order to remove a security key, simply click the blue ‘X’ button next to the name of the key you want to disable. You will be prompted to enter your password. If you have only one security key registered, removing it will disable two-factor authentication and remove all one-time access codes that have been previously generated.
To remove a recovery method you can either generate new one-time access codes, or remove the recovery method entirely. To generate new one-time access codes, click on ‘Generate new codes’.
These codes should be stored, and the old codes will no longer be usable. To remove the one-time access codes as a recovery method, click on the ‘Remove this recovery method’ button. Removing one-time access codes as a recovery method will disable two-factor authentication on your account.
This page was last updated on .