On this page
Email 2FA verification in MyKualo
MyKualo uses email-based two-factor authentication to protect your account when a login looks unfamiliar or unusual.
MyKualo uses email-based two-factor authentication (2FA) to add a second layer of security to your account. Even if someone has your password, they still need to pass this extra check before they can get in.
Why email 2FA exists
Email 2FA protects your account from unauthorised access, particularly when someone tries to log in from a new or unfamiliar location. By sending a one-time PIN to your registered email address, we verify that it is really you - not just someone who has obtained your password.
How email 2FA works
When you log in from an unrecognised IP address, a different geographical location, or in a way that appears non-human, you may be prompted to verify your identity. The process works as follows:
- Receive the email. An email containing a one-time PIN is sent to your registered email address as soon as the unfamiliar login attempt is detected.
- Enter the PIN. You are prompted to enter the PIN on the login screen. Once the code is verified, your login is complete.
This means that even if someone gains access to your password, they also need access to your email account to log in.
Seeing this prompt often?
If you are receiving email 2FA prompts more frequently than expected, it is likely due to changes in your IP address or location. Common causes include:
- Switching between different networks (home, work, or mobile data).
- Your ISP regularly changing your IP address, which is common with mobile or dynamic connections.
- Logging in from different locations while travelling.
- Using a VPN, or something else about your connection appearing unusual.
While this may feel inconvenient, it is an important safeguard against unauthorised access. We cannot disable this feature, but we do aim to reduce the frequency of prompts by recognising familiar IPs over time.
The best way to reduce these prompts is to enable full 2FA on your account. With full 2FA, you use a dedicated authenticator app to generate a time-based code at every login, regardless of your IP or location - so the email check is no longer needed.
You can use apps such as Authy or Google Authenticator to generate 2FA codes. Password managers such as 1Password can also store and auto-fill 2FA codes, which reduces friction at login.
Learn how to enable full 2FA on your MyKualo account.
Didn't receive the email 2FA code?
Our system reliably sends these emails and they are successfully delivered in nearly all cases. If you do not receive the verification email:
- Check your spam or junk folder. Providers such as Gmail or Outlook can occasionally filter the message incorrectly.
- Add [email protected] to your address book. This helps ensure future emails land in your inbox.
- Try logging in again. Once you have added the address to your contacts, attempt to log in again to generate a new verification email.
If the problem persists, please contact our support team for further assistance.
Prevent lockouts caused by email issues
Do not use a Kualo-hosted email address as your primary login contact. If your hosting is suspended or unavailable, you will not receive the email 2FA code and could be locked out of your account.
To avoid this situation:
- Use a third-party email address (such as Gmail or Outlook) as your main contact email.
- Add a secondary sub-user with an alternative email address as a backup method of access. Learn how to add a sub-user.
- Enable full 2FA using an authenticator app. This removes the dependency on email verification entirely. Learn how to enable full 2FA.
Taking these steps ensures you can always access your account, even if there is a problem with your main email address.