Account Verification & 2FA Setup
Increase security using Two-Factor Authentication (2FA) and profile verification.
Security is integrated into every layer of B A C cloud hosting. We offer advanced authentication mechanisms, deep form protection protocols, and audit logs to safeguard your deployment console from malicious interventions.
Two-Factor Authentication (2FA)
Enabling 2FA adds an extra layer of protection by requiring a 6-digit dynamic passcode from your smartphone whenever you log in. This prevents access even if your password becomes leaked or stolen.
How to Setup 2FA:
- 1 Go to the Settings page from your console sidebar navigation.
- 2 Scroll down to the Security Settings section and click on the "Enable 2FA" button.
- 3 A secure QR code will appear. Scan it using your preferred authenticator app (e.g. Google Authenticator, Microsoft Authenticator, or Authy).
- 4 Enter the 6-digit code currently showing in your authenticator app to verify the sync and finalize setup.
[email protected]) and complete identity verification audits to have 2FA manually reset.
Workspace Approval & Verification
To prevent malicious activities on our server instances (such as phishing, spamming, or crypto-mining scripts), all new client registrations go through a verification queue.
Once you submit your registration, our system administrators audit the request. Workspace approvals are typically completed in under 4 hours.
Note: If you are explicitly invited via email to collaborate on an existing project, your account is pre-approved and bypasses this verification queue automatically.
B A C Shield Protocol
Our proprietary security framework is active across all console interfaces. You don't need to configure anything, but here is a simple explanation of how it protects your workspace:
CSRF Attack Prevention
B A C Shield assigns a cryptographic token cookie to your session. Every button click or state-change POST command verifies this unique signature, blocking malicious cross-origin page injection attempts.
Input Sanitization & WAF
All form payloads (such as environment editor inputs, variables, or database updates) are inspected. Any queries containing SQL injection, cross-site scripting (XSS), or script tags are instantly rejected.