blog

Enable hardware token based two factor authentication for your Stripe account

23-09-2018

Two-step authentication protects your Stripe account with an additional level of security. When you log in from a new device, Stripe will ask for both your password and a unique code from your hardware token. Even if someone has your password, they will not be able to log into your account without also having access to your token.


The default method of Stripe 2FA is using Google Authenticator, which can be easily replaced by Token2 miniOTP-1 hardware token, which will make the login process much more convinient. To opt into Two-Factor Authentication with Token2 miniOTP-1 hardware token, follow the instructions below. Needless to say, you have to have your miniOTP-1 token and Android device with NFC ready.

  • Install Token2 Burner App and make sure your token is accessible via NFC.
  • On your Android device, install and test the Token2 Burner app. You can test NFC access by "get OTP" button of the app: push the button on the miniOTP-1 device and hold it close to the NFC antenna of your Android device (usually below the camera on the back). Then on the Burner App, touch "get OTP" button. The OTP shown on the app should match the one displayed on the token.
  • Go to your user profile.
  • Click Add under the Two-step authentication section.
  • Select Add Google Authenticator. A QR code will be shown on the screen.

  • Launch Token2 Burner App on your Android device. Click on Scan QR button and scan the QR code. Then, push the button on the miniOTP-1 device and hold it close to the NFC antenna of your Android device (usually below the camera on the back). Click on "burn seed" button. The app should show "burn seed process succeeded" message if the process is successfully completed.

  • On the Stripe profile page, click next. The page will ask for a 6 digit code ("please enter your 6-digit authentication code...")
  • Push the button on the miniOTP-1 device again, and enter the code shown on the screen to the Stripe profile page
  • Click "Confirm" to finalize the process

integration guides