Two-Factor Authentication

Two-Factor Authentication adds an extra layer of security to your profile when logging into the M-Pesa Integration Portal

What is Two-Factor Authentication

Two-Factor Authentication is an additional login security feature. It is one of the most secure forms of remote system authentication. This method of signing in to your website relies on something you know and something in your possession. That is why it is referred to as two-factor – because two factors are involved in authenticating you.
In this case you know your password and you are in possession of your cell phone or another authenticator device. If we can verify both of these, then we know that it’s okay to allow you to access the Integration Portal.

Applications for the Two-Factor Authentication

M-Pesa’s Integration Portal is compatible with most Time-based One-Time Password (TOTP) applications. TOTP apps automatically generate an authentication code that changes after a certain period of time. Because they do not rely on incoming text messages, they are more reliable than SMS – especially for the international market.
Here are some TOTP apps that we suggest using:

  • Google Authenticator
  • Authy 2-Factor Authentication
  • Duo Mobile
  • Microsoft Authenticator
  • 1Password
  • LastPass Authenticator

How to use Two-Factor Authentication

Step 1: Sign-Up on the M-Pesa Integration Portal
Step 2: Sign in for the first time using your username and password.
Step 3: Use your TOTP Application to scan the QR Code.

  • Alternatively enter the “Secret” manually into the application.

Step 4: Click “Continue” in the Portal
Step 5: Enter the six digit code that appears in your authenticator app

  • This code changes every 30 seconds
  • If the code expires, you can enter the next code instead

Step 6: Login!

Server Time

Accuracy of the server and TOTP authenticator apps are important for two-factor authentication.
Ensure your phone, tablet or computer running the TOTP authenticator has automatic date & time and automatic time zone configured. To ensure it is accurate, you can view your time here: Time.Is