Overview
At Ramp, we take the security of your account seriously. We enroll all Ramp user accounts into multi-factor authentication (also known as MFA, or two-factor authentication/2FA). MFA is an enhanced security method that occasionally prompts users to verify their authentic login by requiring a code sent to the user outside of the Ramp app. Users can set up MFA through the following channels:
- Phone SMS (configured automatically if a phone number is stored)
- Phone call (configured automatically as a backup to SMS)
- Authenticator devices (pending manual setup below)
- Email (only when all the above are unavailable)
Jump to:
- Verifying login attempts
- Verification codes and your security
- Configuring your phone
- Configuring an authenticator
- What if I have issues with MFA?
Use MFA to log into Ramp
When you log in to Ramp with your username and password from a new device, you will be prompted to verify your login attempt. You will be sent a verification code to your phone, authenticator app, or email, depending on the MFA method you have set up. These login verification codes are valid for 5 minutes: if you were unable to successfully enter it during the valid time frame, you may request Ramp to send a new code.
If you log in to Ramp and click Trust This Device? from the same device you will not be prompted to verify your login each time. If you log in to Ramp using Sign In with Google or Sign In with your Identity Provider, you will not be prompted to verify your login each time.
Keep MFA codes secure
To keep your financial account secure, never share verification codes anywhere or with anyone. Ramp support will never contact you to request a login verification code; such a request may be a phishing attempt from an attacker masquerading as a Ramp employee.
If you receive a request to share a Ramp verification code, do not respond.
Configure your phone
When you enroll a mobile phone with Ramp, we automatically set it up to receive verification codes. No further configuration is required on your part. Learn how to update your phone number from your Ramp profile here.
If you have not set up an authenticator app, you will by default receive verification codes by SMS to your phone number on file. As a backup, you can also receive codes by phone call.
Changing your phone number
If you need to change your phone number, you can navigate to Settings > Personal settings, click Edit my profile and change the phone number. You will be prompted for a verification code before you can proceed.
Configure an authenticator app
An authenticator app is a mobile or computer application that adds an extra layer of security to online accounts by generating a one-time password (OTP) for two-factor authentication (2FA). MFA via authenticator app is considered more secure than MFA via SMS or email.
Set up an authenticator app
You can configure up to five authenticators (such as Google Authenticator, Twilio Authy, etc.) to access your account without using your phone number.
Follow these steps to add an authenticator:
- Go to Settings > Personal Settings > Security
- Click Configure multi-factor authentication.
- Click Add authentication device and follow the on-screen instructions.
If you have previously enrolled an authenticator, you will see all your existing devices.
If you have not previously enrolled an authenticator, you will not see this list.
Use your authenticator to log in
Your authenticator should look something like this screenshot with 6-digit codes. The one you set up with Ramp will be titled Ramp: your email. See the highlighted entry below as an example.
When prompted to enter your authenticator's verification code, enter the 6 digits in your authenticator that are titled Ramp: your email. In the example below, it would be 717 164.
Remove an outdated authenticator
Note: Removing an authenticator app without a replacement is generally not recommended for the security risk to your Ramp account.
If you are logged in and have access to your authenticator app, you can follow the below steps to remove the app as your MFA method:
- Go to Settings > Personal Settings > Security
- Click Configure multi-factor authentication.
- Click the X to remove the device and follow the on-screen instructions OR submit the legacy authenticator to remove the one you don't have access to
Finally, delete your Ramp account in your authenticator app:
- In Google Authenticator, press and hold the account. Press the pencil icon and then the trash icon.
- In Twilio Authy, go to Settings -> Accounts and tap the delete button.
What if I face issues logging in with MFA?
My phone number on file is no longer accessible for MFA
My authenticator app on file is no longer accessible for MFA
I am not receiving MFA codes via SMS
I am still facing issues
Below are some additional resources you can reference:
- Review the initial sign-in guide for first-time Ramp users.
- Ensure your web browser allows pop-up windows; blocking them can cause login issues.
If you’ve followed these steps and still can’t log in, please vote on the article and provide a comment with feedback about what's missing - we are always trying to improve these articles!
After that, please contact our support team for further assistance and we would be happy to assist you with your issue.