Skip to main content
  1. Ramp
  2. Guides by topic
  3. Security and authentication
  4. Multi-factor authentication

Multi-factor authentication (MFA) overview

Overview

At Ramp, we take the security of your account seriously. We enroll all Ramp user accounts into multi-factor authentication (also known as MFA, or two-factor authentication/2FA). MFA is an enhanced security method that occasionally prompts users to verify their authentic login by requiring a code sent to the user outside of the Ramp app. Users can set up MFA through the following channels:

  • Phone SMS (configured automatically if a phone number is stored)
  • Phone call (configured automatically as a backup to SMS)
  • Authenticator devices (pending manual setup below)
  • Email (only when all the above are unavailable)

Jump to:

Use MFA to log into Ramp

When you log in to Ramp with your username and password from a new device, you will be prompted to verify your login attempt. You will be sent a verification code to your phone, authenticator app, or email, depending on the MFA method you have set up. These login verification codes are valid for 5 minutes: if you were unable to successfully enter it during the valid time frame, you may request Ramp to send a new code.

If you log in to Ramp and click Trust This Device? from the same device you will not be prompted to verify your login each time. If you log in to Ramp using Sign In with Google or Sign In with your Identity Provider, you will not be prompted to verify your login each time.

Keep MFA codes secure

To keep your financial account secure, never share verification codes anywhere or with anyone. Ramp support will never contact you to request a login verification code; such a request may be a phishing attempt from an attacker masquerading as a Ramp employee.

If you receive a request to share a Ramp verification code, do not respond.

Configure your phone

When you enroll a mobile phone with Ramp, we automatically set it up to receive verification codes. No further configuration is required on your part. Learn how to update your phone number from your Ramp profile here.

If you have not set up an authenticator app, you will by default receive verification codes by SMS to your phone number on file. As a backup, you can also receive codes by phone call.

Changing your phone number

If you need to change your phone number, you can navigate to Settings > Personal settings, click Edit my profile and change the phone number. You will be prompted for a verification code before you can proceed.

Configure an authenticator app

An authenticator app is a mobile or computer application that adds an extra layer of security to online accounts by generating a one-time password (OTP) for two-factor authentication (2FA). MFA via authenticator app is considered more secure than MFA via SMS or email.

Set up an authenticator app

You can configure up to five authenticators (such as Google Authenticator, Twilio Authy, etc.) to access your account without using your phone number.

Follow these steps to add an authenticator:

  1. Go to Settings > Personal Settings > Security
  2. Click Configure multi-factor authentication.
  3. Click Add authentication device and follow the on-screen instructions.

Screenshot 2024-06-06 at 3.10.41 PM.png

If you have previously enrolled an authenticator, you will see all your existing devices.

If you have not previously enrolled an authenticator, you will not see this list.

Use your authenticator to log in

Your authenticator should look something like this screenshot with 6-digit codes. The one you set up with Ramp will be titled Ramp: your email. See the highlighted entry below as an example.

When prompted to enter your authenticator's verification code, enter the 6 digits in your authenticator that are titled Ramp: your email. In the example below, it would be 717 164.

96239.jpg

Remove an outdated authenticator

Note: Removing an authenticator app without a replacement is generally not recommended for the security risk to your Ramp account.

If you are logged in and have access to your authenticator app, you can follow the below steps to remove the app as your MFA method:

  1. Go to Settings > Personal Settings > Security
  2. Click Configure multi-factor authentication.
  3. Click the X to remove the device and follow the on-screen instructions OR submit the legacy authenticator to remove the one you don't have access to

Screenshot 2024-06-06 at 3.10.41 PM.png

Finally, delete your Ramp account in your authenticator app:

  • In Google Authenticator, press and hold the account. Press the pencil icon and then the trash icon.
  • In Twilio Authy, go to Settings -> Accounts and tap the delete button.

What if I face issues logging in with MFA?

My phone number on file is no longer accessible for MFA

Follow the steps here.

My authenticator app on file is no longer accessible for MFA

Follow the steps here.

I am not receiving MFA codes via SMS

Follow the steps here.

I am still facing issues

Below are some additional resources you can reference:

  • Review the initial sign-in guide for first-time Ramp users.
  • Ensure your web browser allows pop-up windows; blocking them can cause login issues.

If you’ve followed these steps and still can’t log in, please vote on the article and provide a comment with feedback about what's missing - we are always trying to improve these articles!

After that, please contact our support team for further assistance and we would be happy to assist you with your issue.

 

The following tags apply to this article:

Was this article helpful?