Enabling Two Step Verification on Your Account
What is Two-Step Authentication?
Join the Conversation about Account Protection, and Other Layers of Security, or Ask the Community for Help @ Introducing Two-Step Verification
Two-Step Authentication (also called two-factor verification or ‘2FA’) is a security feature on the Kasa APP that helps add an extra layer of security to your account. With Two-Step Authentication enabled, a new device that signs into the app with your TP-Link account information will be asked to enter a time-sensitive verification code to protect your account and prevent unauthorized access.
How to Set up Two-Step Authentication?
You can enable this feature from the Kasa Application. From the application, tap the in the top left > View account > Login Security> Toggle ON Two-Step Authentication.
How does Two-Factor Authentication work for the Kasa APP?
1. When enabling two-step authentication for the first time, it will require you to verify your account through your email.
2. After Two-Step Authentication, new devices attempting to log in will have to verify using one of the methods specified below: (App Notification or Email)
1. App Verification (Default Method) : Verify by App Notification. A Verification Code will be sent via a Kasa app notification to Trusted Device(s). Enter the code on the new device to verify the new device.
Note: Ensure that the Notification permission has been enabled on your phone to use this feature.
2. Email Verification (Alternative method): Verify by email. A Verification Code will be sent to your Email Registered to your TP-Link Account. Sign in your email to view the code. Enter this code on the new device to verify the new device.
Q1. How do I turn off Two-Step Authentication?
From the Kasa APP > Tap the in the top left> View account > Login Security>Then tap the Two-Step Authentication ON/OFF toggle
Note: Set Two-Step Authentication ‘ON’ is highly recommended to enhance security level to your account.
Q2. Will the Kasa App ask a Trusted Device to go through Authentication before logging in again?
No, a Trusted Device could skip the 2FA step when sign in your account without entering a verification code.
Q3. How do I remove a device from Trusted Devices? How do I manage the Trusted Device?
Kasa APP > tap the in the top left > View account > Login Security > Trusted Devices> then tap the ‘X’ on the side of the device you would like to remove.
Note: Once a device is removed from Trusted Devices list, that device will be force logged out, and need a verification code next time log into the APP.
Q4. Why does my device show a different location in Login Activity than where I logged in from?
Device location there is based on the IP address from Internet Service Provider and that may not align with the device real location, we do not use the GPS location of the device to determine location. If using a cellular connection, the app may indicate that a new device has logged in from far away.
1. What should I do if I didn’t get the 2-Step Verification code in my email inbox?
1) First, check your Spam or Junk folder.
2) Next, ensure that you are using the correct email account. From the Kasa application, hit the in the top left and tap View Account
3) Add TP-Link email address ' firstname.lastname@example.org ' into Whitelisted email senders or Safe Senders as this FAQ
4) Contact our Support using the Same Email Account that you are trying to enable two-factor authentication for, and please provide the following information:
a. TP-Link ID/ Email account
b. Kasa APP version
c. Photos of Two-step Authentication Setup – Under My Account > Login Security
d. The model of your Mobile Device & Android or IOS version.
2. What should I do if I did not receive a mobile notification with the code?
- Enable Notification permission for Kasa APP on the phone. Device should be able to get notifications from Kasa app properly.
- Tap ‘Resend’ to resend verification code.
- Ensure sure your phone is connected to the internet.
- Ensure that your Kasa APP is up-to-date
- Tap ‘Did not receive a code?’ on the bottom > Receive Code via Email> tap Send Code
3. What if I receive a Verification code, but my new device didn’t try to sign in?
If you receive a verification code, but you do not recognize the device that sent the request, there is a chance that your account password has been compromised – but do not worry, the unrecognized user will be unable to login without the code provided by either your email or notification to another trusted device.
We recommend immediately changing your account password and changing any other services that may use the same password. You can mitigate the chances of this happening to you by following these principles:
- Create a Strong Password with a Mix of Numbers, Letters, Capitals, and Symbols
- Do Not Reuse the same password across multiple platforms
- Use a password generator and manager