The purpose of two-factor authentication is to have a second layer of protection to minimize the risk of fraudulent attempts and help maintain security.

We do this by sending a one-time password (OTP) to your OTP default channel for certain activities. OTPs are numeric security code (up to 6 digits). The code is time sensitive and valid only for a limited amount of time.

Features that have two-factor authentication are:

• Registering for digital banking/First time login

• Forgot password/Self-serve password reset

• Add a bill payee

• login - when using a new device and browser for the first time

Entering an OTP incorrectly three times will lock your OTP credential and you will need to contact us to unlock your credential.

We’ll send your one-time password by email or text message depending on the OTP default channel you choose on the two-factor authentication page.

Your one-time password is temporary and designed to be used for one session only. Your OTP will expire ten minutes after it's sent. Once this time has expired, a new OTP will need to be requested.

If you haven’t received your OTP to your OTP default channel (email or mobile phone), you can request another.

If your OTP default channel is set to email, don't forget to check your junk or spam folder.

Check that your OTP contact details are up to date on the Two-Factor Authentication page. This can be done through online banking and the mobile app. If your details have recently changed, update your mobile number or email address before you request another OTP. Log out and try again.

If you're not receiving an OTP through email, try to validate using your mobile phone.

Call our Member Contact Centre at 1-800-667-7477 if it still doesn't arrive after you request it.

Call our Member Contact Centre at 1-800-667-7477.

This is typically because the browser updated on the device (i.e. laptop or mobile phone). The Conexus mobile app accesses the default browser on the mobile phone during the login process.

Two-Factor Authentication is mandatory to ensure the highest level of account security. By requiring two forms of identification (your password and a second factor), it significantly reduces the risk of unauthorized access. This extra layer of security helps protect your personal and financial information, making it more difficult for unauthorized individuals to gain access to your account.

Conexus recommends choosing the mobile channel as it is the more secure option. If mobile is not available to you, you can choose email as an alternative. During the setup process, you will be guided on how to choose your preferred method.

If you don’t have a mobile phone or are unable to receive SMS messages, you can choose to use your email as your default channel. You can also change your one-time password default channel at any time.

1. Navigate to the two-factor authentication page based on the current application you’re using:

   • Online (web browser): Log in and go to My Conexus at the top > Choose Security > Two-factor authentication

   • App (Android and Apple): Log in > at the bottom right-hand corner of the main menu, click More > My Conexus > Security > Two-factor authentication

2. Select the channel you'd like to receive one-time passwords – SMS (text messages) or email. We recommend opting for SMS as it is the more secure channel.

3. Input your contact information. Click validate. A one-time password will be sent to you.

4. Once validation is complete, click save at the bottom of the page. Done!

No, Two-Factor Authentication is mandatory for all members to ensure the security of your account. While it may feel inconvenient at times, the added layer of security significantly reduces the risk of unauthorized access and protects your personal and financial information. Cybercriminals are constantly evolving, and Two-Factor Authentication is an effective way to stay ahead of their tactics. Your security and peace of mind are our top priorities, and we are committed to providing you with the highest level of protection.