Community Forum

Multi-Factor Authentication for Signing in and Xfinity Authenticator Setup

Highlighted
Administrator

Multi-Factor Authentication for Signing in and Xfinity Authenticator Setup

Comcast offers Multi-Factor Authentication using the Xfinity Authenticator to provide extra layers of security for logging in and accessing most of your Xfinity services. The Xfinity Authenticator is an app available for download on iOS (phones only) and Android (phones only).

The Xfinity Authenticator will alert you when someone attempts to use your Xfinity username and password to sign in to your account. You can approve or deny the login attempts either with a traditional verification code, yes/no button push, one-touch fingerprint ID or facial recognition on the iPhone X. In order to use Multi-Factor Authentication, however, you need to first set up your Recovery Options, which customers can do with the Xfinity Authenticator or in My Account.

Your Recovery Options - also known as Two-Step Verification - requires a verification code in addition to an Xfinity username and password to sign in. You can receive the verification code via SMS text sent to your mobile device, or via an email sent to a third-party email address (such as Gmail, Hotmail, etc.). You can also use your Recovery Options to sign in if the Xfinity Authenticator app is not available.

 

 

Setting Up the Xfinity Authenticator

  1. Download the Xfinity Authenticator app from the Apple App Store or Google Play.
    Xfinity Authenticator App Icon 
  2. Open the app and select Register now.
     Authenticator1-1.png
  3. Use your Xfinity username and password to sign in. You may be asked to enter your Two-Step Verification code if you’ve enabled it previously.
    Xfinity Authenticator App Login Screen
    Xfinity Authenticator App login screen requests verification code. 
  4. If you haven’t already done so, you will then be prompted to set up your account with Recovery Options, which include your mobile telephone number and personal (non-Comcast) email address.
    Xfinity Authenticator App Recovery Options screen 
  5. You will then receive a text message and email to verify your information.
    Xfinity Authenticator App mobile phone number verification text message
    Xfinity Authenticator App email verification message
  6. After verifying your mobile phone number and personal email address, your device will be registered.
  7. You will then be prompted to allow notifications to make approving sign in requests easier.
    Xfinity Authenticator App - allow notifications screen  
    • If you wish to use the yes/no button notification, fingerprint ID or facial recognition (on iPhone X), you must allow notifications; otherwise, you will be required to use a changing six-digit code in the Xfinity Authenticator to sign in
      Xfinity Authenticator App face ID approval screen
      Xfinity Authenticator App fingerprint approval screen 
    • On iPhones, Apple independently prompts for allowing notifications, so you must allow notifications on both screens in order for them to work. If notifications were not allowed for the app at the time of Apple iOS prompt, then you need to configure to allow them in your phone settings.
    • You can always change your preferred method of approval in the Settings menu of the Xfinity Authenticator.
      Xfinity Authenticator App settings menu 
    • You can also view and update your registered devices on My Account.
      My Account Settings screen shows registered devices in lower portion.  

 

Two-Step Verification instead of Multi-Factor Authentication

We recommend using Multi-Factor Authentication to make your account more secure; however, if you cannot or do not wish to use Multi-Factor Authentication with the Xfinity Authenticator, you may use Two-Step Verification by setting up your Recovery Options in My Account.

 

 

Adding Additional Xfinity Accounts

If you have access to more than one Xfinity account, multiple accounts can be added by selecting the three dots in the upper right-hand corner and selecting “Add another Xfinity account”.

 


Authenticator2-1.png

 

You will be prompted to sign in with the account credentials and go through the enrollment process.

 

 

Adding Third-Party accounts

The Xfinity Authenticator also supports third-party accounts as well. You can add a third-party account on the welcome screen by selecting “Use other type of account”. The third-party account you are adding must already support multi-factor authentication.

 

If you have already added an Xfinity account, third party accounts can be added by selecting the three dots in the upper right-hand corner and selecting “Add a different type of account”.

 


Authenticator3-1.png

 

You will then need to enable multi-factor authentication in the third party account. You will be given a scannable QR code that can be used to add the account into the Authenticator. Simply scan the QR code with your device’s camera and the account will be added.

 

Authenticator4-1.png

 

If you are unable to scan the QR, select “Enter Key Code instead”. You will then be given the option to enter the code manually, as well as enter the name of the account.

 


Authenticator5-1.png

 

Frequently Asked Questions

 

How do I un-enroll (or uninstall) Authenticator in my account?

Before uninstalling Xfinity Authenticator from your iOS/Android device, please make sure you manually remove the desired device in the My Account portal, you can do this by clicking on the “Recovery Options” link in the settings screen of the app:

Recovery Options.pngFigure 1. Recovery options link on Authenticator settingsFigure 1. Recovery options link on Authenticator settings

Once you have removed your device, you can uninstall the application from your phone. If you skip the previous step, you’ll keep being prompted to enter the 6-digit code from the Authenticator every time you log into your account until you remove the device manually in My Account.

 

If you have already uninstalled Xfinity Authenticator before first removing your device, you can log in to the My Account portal and navigate to your two-step verification settings to manually remove the device from your account.Removed Device.pngFigure 2. Remove trusted Authenticator device in My Account portalFigure 2. Remove trusted Authenticator device in My Account portal

 

Why do I keep getting the “You’re not connected” screen?

There could be multiple different reasons for this:

  • You are connected to a VPN (Virtual Private Network( or have set up a proxy server for your Wi-Fi/Cellular connection.
  • You’re connected to a public Wi-Fi network with a captive portal, such as an airport, hotel, and coffee shop.
  • You have a weak signal strength from your Wi-Fi/Cellular connection.
  • You’re fully connected to your Wi-Fi/Cellular network but the network doesn’t have internet reachability.

Please verify connectivity to the internet by browsing to the My Account website or any other website that requires internet connectivity.

 

Why does the application loop during the sign-in process and not let me log-in?

You could be facing this issue because:

  • Cookies in your browser/device are disabled. Please make sure you have cookies enabled in your mobile device browser (usually Safari/Chrome, depending on your platform).
  • You need to restart the application. Please use the multi-task feature of your device and make sure you force-close the application and then open it back again by clicking the Authenticator icon on your device home screen.

 

Why am I not getting a push notification when trying to sign in?

There are a few possible causes for this:

  • You disabled the “Notifications” option in the settings screen of the Authenticator app.
  • You disabled notifications for Authenticator on your device. You can re-enable notifications through the Android/iOS settings. Navigate to the proper settings screen through the Authenticator app, by clicking in the mentioned “Notifications” option.

If you’re still having issues, try deleting your device from My Account and re-installing Authenticator.

 

Why do I need to register my personal email and phone number in order to use Xfinity Authenticator?

In order to secure your account and provide you with different alternatives to verify your identity, we encourage all users to provide these alternatives to access your account in case you don’t have your Authenticator-enrolled device close to you when trying to sign-in.

 

Why wasn’t Xfinity Authenticator integrated into any of the other existing Xfinity apps or any of the other third-party existing authenticators?

We want users to be able to use Xfinity Authenticator regardless of the Xfinity services that they already use. Other existing third-party authenticators won’t provide some of the available features in Xfinity Authenticator like Touch ID / Fingerprint approval, notifications, etc.

 

What if I receive an unknown or suspicious sign-in request?

If you’re not trying to sign in at the moment you get a sign in request notification, deny the sign in request, make sure no one else knows your sign-in credentials and please modify your password so that you keep your account safe.

 

I have received the maximum devices allowed message. How do I manage my registered devices?

You can register up to 5 different devices as trusted devices with the Xfinity Authenticator app. If you get the “You’ve already registered five trusted devices.” message, please click on the link shown on that screen that will take you to My Account settings where you can remove one of the already registered devices. You will need to do this in order to register a new trusted device.

 

What if I don’t have internet connectivity on the device that has Authenticator installed?

If your device isn’t connected to the internet, you won’t be able to receive sign-in request notifications from Authenticator. Instead, you can use the 6 digit verification code created by the app every 30 seconds. Just select the option “Enter a code from Authenticator” when trying to sign in.Enter a code Authenticator.pngFigure 3. Option "Enter a code from Authenticator" available while trying to sign in.Figure 3. Option "Enter a code from Authenticator" available while trying to sign in.

 

Why am I not receiving any SMS messages on my phone from any Xfinity applications?

During the enrollment process for the Xfinity Authenticator, if you are unable to receive verification codes via text message, your carrier may be blocking your device from receiving certain SMS messages. Please contact your cell phone provider to turn on / unlock the SMS service. Keep in mind that only U.S. phone numbers are supported.

 

How do I contact Xfinity to get support for issues related to Xfinity Authenticator?

You can reach us here, in this forum, by posting a comment below. Also, you can email us at: authenticator@comcast.com.

 


I am an Official Comcast Employee.
Official Employees are from multiple teams within Comcast: CARE, Product, Leadership. We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Mark the post as Best Answer!
New Poster

Email on setting up new password

I did not do this with this account or my email. What do I need to do. This is not even the account I use for Comcast.
New Poster

Re: Multi-Factor Authentication for Signing in and Xfinity Authenticator Setup

Why do we have to use Comcast/xfinity's proprietary multi-factor authentication app just for Comcast/xfinity's web site? Google, Microsoft  and others have great non-proprietary Time-based One Time Passwords (TOTP) applications that we can use with hundreds of other web sites, applications, and SaaS providers. Comcast/xfinity should allow us to use those TOTP services as well.

Silver Problem Solver

Re: Multi-Factor Authentication for Signing in and Xfinity Authenticator Setup


@KentcRedmond wrote:

Why do we have to use Comcast/xfinity's proprietary multi-factor authentication app just for Comcast/xfinity's web site? Google, Microsoft  and others have great non-proprietary Time-based One Time Passwords (TOTP) applications that we can use with hundreds of other web sites, applications, and SaaS providers. Comcast/xfinity should allow us to use those TOTP services as well.


No clue, but Comcast/Xfinity is very old (I've been a customer (time Warner) since 1982 and my personal opinion is it is difficult to "modernize" a corporation as large as they are.


I am not a Comcast Employee.
I am just a customer, volunteering my time to help other customers here in the Forums.
Was your question answered? Mark the post as best answer!