The combination of a username and password required by most online applications and services is becoming, on its own, less and less effective as a security measure. Not only is a password not a proof of your identity but, more critically, it is a one-off verification step. Which means that once your login credentials fall into the hands of a third party, there is nothing to prevent full access to your account.

This is where multi-factor authentication comes in. As its name suggests, it requires additional proof of identity (an "authentication factor") beyond a single password. This additional proof is all the more effective that it is more personal; it can be, for example, information (a secret question), a device (your phone) or even a physical characteristic (your fingerprint) that are unique to you.

Since multi-factor authentication is a proven method of countering identity and data theft, De Marque strongly recommends that all Cantook Hub users enable it to secure their account and data.

Once multi-factor authentication is enabled, Cantook Hub requires, in addition to your password, that you provide a 6-digit verification code every time you log in. This verification code (OTP, for One-Time Password) can only be used once and is valid for a limited time only. Without this verification code, an unauthorised person who knows your password cannot log in to your account.

Cantook Hub offers two multi-factor authentication modes, i.e. two methods of obtaining the verification code.

  • Through an authentication application. An application of your choice, installed on your mobile device or computer, continuously generates verification codes recognized by Cantook Hub. This is the industry's preferred method.
  • By text message (SMS). Each time you log in, Cantook Hub automatically sends a text message to your mobile phone containing the verification code.

I want to retrieve my verification code in an authentication application

I want to receive my verification code by text message (SMS)

For more flexibility, you can combine these two authentication methods.