We take the security of your account seriously. All Ramp accounts are enrolled in multi-factor authentication (also known as two-factor authentication, MFA, and 2FA) based on your provided account details. You can use:
- Authenticator devices (see below)
- Phone (configured automatically)
- Email (only when others are unavailable)
Verifying login attempts
When you log in to Ramp from a new device with a username and password you will be prompted to verify your login attempt. If you have configured an authenticator (see below), you can use that authenticator here. Otherwise, we will send a login code to your on-file phone number or email address. These login verification codes are valid for 5 minutes: if you were unable to successfully enter it during the valid time frame, you may re-send a code.
If you log in to Ramp and click "Trust This Device?" from the same device you will not be prompted to verify your login each time. If you log in to Ramp using “Sign In with Google” or “Sign In with your Identity Provider”, you will not be prompted to verify your login each time.
Sharing verification codes
To keep your financial account safe, never share verification codes anywhere or with anyone. Ramp support will never contact you to request a login verification code; such a request may be a phishing attempt from an attacker masquerading as a Ramp employee.
If you receive a request to share a Ramp verification code, do not respond.
Configuring your phone
When you enroll a mobile phone with Ramp we automatically set it up to receive verification codes. No further configuration is required on your part. Learn how to update your phone number here→
Configuring an authenticator
You can configure up to five TOTP-based authenticators (like Google Authenticator, Twilio Authy, etc.) in order to access your account without using your phone number.
- To add an authenticator to your Ramp account, first go to Settings > Personal Settings > Security
- Click on “Configure Multi-Factor Authentication”
- Click “Add authentication device” and follow the on-screen instructions
If you have previously enrolled an authenticator, you will see all your existing devices. If you have not previously enrolled an authenticator, you will not see this list.
That’s it! Your new authenticator is ready for use when you next log in from a new device!
Using your authenticator
Your authenticator should look something like this screenshot, with 6-digit codes. The one you set up with Ramp will be titled Ramp: your email. See the highlighted entry as an example below.
When prompted to enter your authenticator's verification code, enter the 6 digits in your authenticator that are titled Ramp: your email. In the example below, it would be 893 694.
Removing an authenticator
To remove an authenticator from your Ramp account, follow the instructions above to navigate to the authentication panel. Click the "x" next to the authenticator you wish to remove. It’s gone!
Lost authenticator (help me log in!)
If you have lost access to your enrolled authenticator, follow the prompts during login to switch to send a verification code to your enrolled phone number instead.
Once you have regained access to your account, refer to the “Removing an authenticator" section above to remove the authenticator that you no longer have access to. This ensures the lost authenticator cannot be used to sign in to your account in the future.