ecobee

Two-Factor Authentication (2FA)

 

 Frequently Asked Questions

What is Two-Factor Authentication (2FA)?

Two-factor authentication is a feature that keeps your ecobee account safe by securing it with more than just your username and password. With 2FA enabled, you will receive an authentication code from a secondary source when you attempt to login.

ecobee currently supports the following 2FA methods:

  • Text Message (SMS) 
  • Authenticator App (Google Authenticator, DUO, etc) 

After you enter your username and password in the app or Web Portal, you will receive a unique verification code from the 2FA method you chose, and you will use this verification code to complete the login process. This makes it harder for unauthorized people to access your account because, even if they learn your password, that will not be enough information to gain access to your account.

 

Is 2FA mandatory?

  • 2FA is mandatory for SmartCamera with voice control users.
  • 2FA is opt-in for all other ecobee users, although we strongly recommend using it for added security

 

Why should I use 2FA?

Two-factor authentication protects your ecobee account and ensures that only you and your family can access your ecobee devices. By requiring a unique verification code sent to your phone number, two-factor authentication adds an additional layer of security in the event that your login credentials are compromised.

It is easy to put your password at risk through actions such as using the same password on multiple sites/apps, downloading questionable software, or mistakenly clicking on phishing links in emails/texts.

 

If I have a SmartCamera with voice control, why am I required to use 2FA?

SmartCamera offers a live feed into your home and home Members, which is highly sensitive data. To ensure the protection of this highly sensitive data, users are required to use 2FA.

 

Using Two-Factor Authentication

How do I set up Two-Factor authentication (2FA)?

NOTE: If you own a SmartCamera, you will be required to enable 2FA during device setup. 

You can set up 2FA through your account settings. Specifically:

  1. Open the mobile app and select Account
  2. Select Account Security

You will then be prompted to enter your password to verify your account. Once verifying your password, you'll be asked to select a 2FA method.

 

Using SMS as a Two-Factor Authentication method:

  1. Select Text message (SMS)
  2. Select Get Started
  3. Add the phone number you wish to use for 2FA and then select Next
  4. You will receive a 6-digit code via text to the number provided in the previous step. Once you receive it, enter it and then select Done. If you do not receive your code, tap Resend Code to try again 
  5. Save the unique recovery code given, either by writing it down, copying and pasting it into a text file, or by using the on-screen button to take a screenshot from your phone

 

We strongly recommended saving the recovery code for your reference in case your second method of authentication changes, which will happen if you change your phone number. We recommend printing the code and keeping it somewhere safe, or adding it to a password manager.

 

Using an Authentication App as a Two-Factor Authentication method:

  1. Select Authentication App
  2. Select Get Started
  3. Select Link Authentication App. If you already have an Authentication App downloaded, we will open it directly. If you do not, we will recommend one for you to download
  4. Enter the 6-digit code presented in the third-party app into the "Enter verification code" screen on the ecobee app and then select Done
  5. Save the unique recovery code given, either by writing it down, copying and pasting it into a text file, or by using the on-screen button to take a screenshot from your phone

 

We strongly recommended saving the recovery code for your reference in case your second method of authentication changes, which will happen if you change your phone number. We recommend printing the code and keeping it somewhere safe, or adding it to a password manager.

 

What is the recovery code? Should I save it?

Your recovery code allows you to login if you ever lose access to your second factor. For example, if you obtain a new phone or change your phone number, you will require your recovery code to login.

We strongly recommend you save it, by either:

  • printing it out and keeping it somewhere safe
  • adding it to a password manager

We do not offer support for lost recovery codes.

 

Troubleshooting

I’ve lost access to my second factor when I changed my phone number. How can I login?

If you have lost access to your second factor, you can use your recovery code to login.

Select Try another method on the verification code screen. You will be prompted to enter your recovery code. Once entered, you’ll receive a new recovery code and the original one will become invalid.

 

I’ve lost access to my second factor (SMS) AND my recovery code. How do I proceed?

We do not offer support for lost recovery codes.

If you have lost access to both your second factor and recovery code, you will not be able to login.

Alternatively, you can unregister and re-register all devices to a new account.

Was this article helpful?