Overview
Device verification is a security feature that identifies when you log in from a new or unrecognised device. When detected, TPP Wholesale will ask you to confirm your identity before granting full access. This protects your account if your credentials are ever compromised.
How Trusted Devices Work (Reseller Portal)
First-time login
- When you log in on a device for the first time:
- You will not be interrupted by additional verification steps.
- The system performs a background device verification.
- Your device is automatically added as a trusted device.
Trust duration
- A trusted device remains valid for 30 days.
- This works on a rolling basis:
- Each time you log in, the 30-day period is extended.
- If you do not log in for 30 days, the device will expire and may require verification again.
Login with subsequent devices
- Attempt login: Enter your credentials or one-time email code as usual.
- New device detected: If this is an unrecognised device, you will be redirected to the Device Verification screen.
- Check your email: A verification code is sent to your registered email address. Check your inbox and spam or junk folder if needed.
- Enter the code: Type the 6-digit code into the verification field on screen. Codes expire after 15 minutes.
- Access granted: Once verified, you are logged in. This device will be remembered for future logins unless you are inactive for an extended period or your account password is changed.
Viewing Your Trusted Devices
To view your trusted devices:
- Log in to your account
- Navigate to Account Settings
- Select View Trusted Devices
You will be able to see:
- All trusted devices linked to your account
- Their respective expiration dates
Managing Trusted Devices
Remove a single device
If you no longer use a device or want to remove access:
- Go to Account Settings
- Open Trusted Devices
- Select the device
- Click Revoke
Remove all devices
- You can choose to revoke all trusted devices at once.
- This will require all devices to be re-verified on next login.
- Note: All trusted devices will be automatically revoked if a user changes their password. After this, the reseller must re-trust their devices upon next login. This is implemented as an important security feature to protect user accounts.
Lost or Stolen Devices
If your device is lost, stolen, or compromised:
- Immediately go to Trusted Devices
- Locate the device and click Revoke
You can do this quickly without additional verification if you’re already logged in.
Device Limits
- Each account can have up to 10 trusted devices
- If you reach this limit:
- You may need to remove an existing device before adding a new one
- Note: This limit is configurable and may be adjusted in the future if required.
How Trusted Devices Work (Client Portal)
Device recognition works the same way for customer logins. If you log in using 2FA or a one-time email code, your device is automatically trusted without any extra steps. You will only be asked to complete an additional verification step if you log in with just your standard password from an unrecognised device, or sign in without 2FA and without a one-time email code.
If the device is already trusted or the client has completed 2FA or a one-time email code, they are taken directly to the home page without any additional device verification.
To manage trusted devices, navigate to Account, then Manage Account, and click on the 'Manage Trusted Devices' link as shown in the screenshot below.
After clicking this link, customers are directed to a screen where they can revoke access for any devices currently logged in. This screen displays all relevant metadata about each device, including the expiry date of the trust status.
Troubleshooting
| Issue | Solution |
| I didn't receive the verification email | Check your spam or junk folder. Wait 2 minutes and try resending. Ensure the email on your account is current. |
| The code has expired | Codes expire after 15 minutes; click “Resend Code” to get a fresh one. |
| I keep getting the prompt on the same browser | This occurs when cookies are cleared or incognito mode is used. Use a standard browser and allow cookies. |
| I can't complete device verification | Contact TPP Wholesale Support on support@tppwholesale.com.au for assisted access. |
| I can’t access my email to complete device verification | Contact TPP Wholesale Support on support@tppwholesale.com.au for assisted access. |
Frequently Asked Questions
Why am I suddenly being asked to verify my device?
We recently enhanced our security systems to detect new or unrecognised devices. If you're seeing this for the first time, it's because you're logging in from a device we haven't seen before, or your browser cookies were cleared. This is working as intended to protect your account.
Is my account compromised?
No. A device verification prompt does not mean your account has been accessed by someone else. It simply means the system detected a new device. It's our way of making sure it's really you.
Will I have to verify my device every time I log in?
No. Once you verify a device, it is remembered for future logins. You will only see the prompt again if you:
- Security updates: You recently changed your password.
- Browser changes: You cleared your cookies or are using an incognito/private window.
- New hardware: You are accessing your account from a new/different device.
- Inactivity: You haven't logged in from that specific device for an extended period.
I share my account with team members — will this affect them?
Each person logging in from a different device will need to complete device verification once for their device. This is intentional and ensures only authorised individuals can access the account.
Has anything changed about how I log in normally?
For the vast majority of customers, logging in from familiar devices is completely unchanged. The new security steps only appear when we detect something new or unusual - that's by design.