Two-Factor Authentication Guide

Introduction

At CareerCove, we take the security of your personal information and career documents seriously. That's why we've implemented Two-Factor Authentication (2FA) to provide an additional layer of security for your account. This guide explains how our 2FA system works, why we use it, and what to do if you encounter any issues.

What is Two-Factor Authentication?

Two-Factor Authentication (2FA) is a security process that requires two different forms of identification to verify your identity. At CareerCove, we use:

Something you know: your password

Something you have access to: your email account

This means that even if someone discovers your password, they still can't access your account without also having access to your email. This significantly increases your account security and protects your sensitive career information.

How Two-Factor Authentication Works at CareerCove

The Login Process

Enter your email and password on the login page

If your credentials are correct, we send a 6-digit verification code to your email

Check your email for the verification code (this may take a minute to arrive)

Enter the 6-digit code on the verification screen

Once verified, you'll be logged in to your account

Important Things to Know

Verification codes expire after 5 minutes

You can request a new code if needed

After 3 failed verification attempts, your account will be temporarily locked

You can enable or disable 2FA in your profile settings

2FA is enabled by default for all accounts to ensure maximum security

Visual Guide to Two-Factor Authentication

Step 1: Login Screen

Enter your email and password as usual. If your credentials are correct, you'll be taken to the verification screen.

Step 2: Verification Screen

You'll see a screen asking for a 6-digit verification code. Check your email for the code and enter it here.

Step 3: Success

After entering the correct code, you'll be logged in to your account and redirected to your profile page.

Managing Your Two-Factor Authentication

Enabling or Disabling 2FA

While we recommend keeping two-factor authentication enabled for maximum security, you can disable it if needed:

Go to your Profile page

Find the "Two-Factor Authentication" toggle in the Profile Settings section

Toggle the switch to enable or disable 2FA

Your preference is saved automatically

Security Note: Disabling 2FA makes your account more vulnerable to unauthorized access. We strongly recommend keeping it enabled, especially since CareerCove stores sensitive personal and career information.

Troubleshooting Two-Factor Authentication

I didn't receive a verification code

If you don't receive a verification code within a few minutes, try these steps:

Click the "Resend Code" button on the verification screen

Check your spam or junk folder

Make sure your email address is correct

Check your internet connection

If you still don't receive a code after multiple attempts, contact our support team

My verification code isn't working

If your verification code is being rejected, consider these possible issues:

The code may have expired (codes are valid for 5 minutes)

You may be using an old code from a previous login attempt

Double-check that you're entering the code correctly

Request a new code by clicking the "Resend Code" button

Important: You have 3 attempts to enter the correct code. After 3 failed attempts, your account will be temporarily locked.

My account is locked - what do I do?

If your account has been locked due to too many failed verification attempts, don't worry - you can regain access:

Go to the login page

Click on the "Forgot Password" link

Enter your email address

Check your email for a password reset link

Follow the instructions to reset your password

Once you reset your password, your account will be automatically unlocked

Note: Resetting your password automatically unlocks your account. This is the fastest way to regain access.

If you're unable to reset your password or continue experiencing issues, please contact our support team for assistance.

Why We Use Two-Factor Authentication

Protecting Your Sensitive Information

CareerCove stores sensitive personal and professional information, including:

Your resume with personal contact details

Work history and employment information

Educational background

Cover letters and job application materials

Interview preparation notes

This information requires strong protection, and 2FA provides an essential layer of security to prevent unauthorized access.

Common Security Threats

Two-factor authentication helps protect against these common security threats:

Password theft through phishing attacks

Credential stuffing (using leaked passwords from other sites)

Brute force attacks attempting to guess passwords

Keyloggers that capture your password as you type

Social engineering attempts to trick you into revealing your password

Even if an attacker somehow obtains your password, they still can't access your account without the verification code sent to your email.

Strong Password Requirements

Creating a Strong Password

At CareerCove, we enforce strong password requirements to protect your account. Your password is the first line of defense against unauthorized access, and when combined with two-factor authentication, provides robust security for your personal information.

All passwords must meet these requirements:

Be at least 8 characters long

Include at least one uppercase letter (A-Z)

Include at least one lowercase letter (a-z)

Include at least one number (0-9)

Include at least one special character (!@#$%^&*()_+-=[]{}|;:,./<>?)

Tips for creating a strong, memorable password:

Use a passphrase: Combine multiple words with numbers and special characters

Avoid using personal information like birthdays or names

Don't reuse passwords across different websites or services

Consider using a password manager to generate and store complex passwords

Pro Tip: During registration or password changes, we provide a "Generate Strong Password" button that will create a secure password meeting all requirements.

Security Best Practices

To maximize your account security, we recommend following these best practices:

Keep two-factor authentication enabled

Use a strong, unique password for your CareerCove account

Never share your verification codes with anyone

Ensure your email account is also secured with a strong password

Consider enabling 2FA on your email account as well

Log out of your account when using shared or public computers

Keep your devices and browsers updated

Be alert for phishing attempts that try to steal your login information

Frequently Asked Questions

Can I disable two-factor authentication?

Yes, you can disable 2FA in your profile settings. However, we strongly recommend keeping it enabled for maximum security. Your account contains sensitive personal and professional information that should be protected with multiple layers of security.

Will I need to verify every time I log in?

Yes, you'll need to complete the verification process each time you log in from a new session. This ensures that even if someone obtains your password, they can't access your account without also having access to your email.

What happens if I change my email address?

If you change your email address in your profile settings, verification codes will be sent to your new email address. Make sure you have access to your new email before making this change.

How long does my account stay locked?

Once locked, your account remains locked until you reset your password using the "Forgot Password" feature. This is a security measure to prevent unauthorized access attempts. Resetting your password automatically unlocks your account.

Is my data still safe if I disable 2FA?

While your data is still protected by your password and our encryption measures if you disable 2FA, your account becomes more vulnerable to unauthorized access. Two-factor authentication adds a significant layer of security that's difficult for attackers to bypass. We recommend keeping it enabled.

Need Additional Help?

If you're experiencing issues with two-factor authentication or have questions not covered in this guide, our support team is here to help. Contact us for personalized assistance with your account.

Contact Support