Herbalife Nutrition is implementing an additional layer of security to MyHerbalife.com to protect all your records. Access to MyHerbalife.com will require all Members, Preferred Customers, Preferred Members, and new Members to use 2-Step Authentication (2SA) when signing up.
Currently, Herbalife Nutrition is implementing an additional layer of security to MyHerbalife.com only. However, this will be implemented to other applications in the future. When this occurs, we will provide updates and communicate this in advance.
2SA implementation involves 3 steps:
You have 3 options -
During the authentication process, you will have 300 seconds (5 minutes) for SMS and Email based authentication to enter and validate the OTP. If you do not receive the OTP, you will need to wait 30 seconds before requesting it again.
If you enter an incorrect OTP or answer the Security Question incorrectly for five consecutive times, you will have to wait 30 minutes for reauthentication.
Yes, you have an option to use SMS, Email or Security Question authentication methods each time you login. We recommend that you use SMS authentication method. If you face any issues while using one of the authentication methods, you have an option to change the authentication method to verify your identity.
Yes, you will still need to go through the 2SA enrollment process by verifying the OTP sent to the registered mobile phone through an SMS message.
A mobile phone is required for you to get an OTP through an SMS message, which acts as a secondary factor for the secure authentication.
A smart phone is not required to obtain the OTP through an SMS message for authentication.
You need to select the “Country Code” from a drop-down menu and enter the complete mobile phone number (including the area code if applicable).
Once you are enrolled for 2SA, checking the “Remember Me” option can help you avoid OTP prompts whenever you log in to your account from that browser and device for up to 180 days. If you do not check the “Remember Me” option while using mobile or email authentication methods, you must reauthenticate for subsequent logins. If you do not use mobile or email authentication methods, you must reauthenticate for subsequent logins.
In addition, you must go through reauthentication for the following scenarios:
We recommend that you check the “Remember Me” option only on personal devices and not on shared/public devices.
Yes, the system will send an OTP via SMS to the international phone number if it is registered as a mobile phone number for 2SA. However, you may incur costs from your Telco service provider for incoming text messages.
You can only register one mobile phone number for 2SA. You will receive the SMS-based OTP on the registered mobile phone number. However, you can grant access to MyHerbalife.com to an additional user with their own login and mobile phone number.
If you opt for the email authentication method, you will receive the One-Time Pin (OTP) on your Account/ Profile email that you use for Login.
You can only receive the One-Time Pin (OTP) either on SMS or Email based on your selection of the authentication method. If you face any issues while using one of the authentication methods, you have an option to change the authentication method to verify your identity.
Once you select this authentication method, you will need to answer a security question, which is setup with your account, to verify your identity. You can click on “Change question” to change and access a different question setup with your account.
If you select the Security Question authentication method and do not have the Security questions set up for your account, you can enter the One-Time Pin (OTP) received on your profile email to verify your identity and setup the Security questions.
As the Member on record, you can change your login email address and 2SA phone number either in “Login Preferences” or “My Contact Information” The email address and phone number in “My Contact Information” will be the same as the information in “Login Preferences”. You will first need to verify your identity by entering the One-Time Pin (OTP) received on SMS or Email to edit the information under “Login Preferences” or “My Contact Information”.
The additional account user can view and change their respective email address and 2SA mobile phone number in the “Login Preferences.”
You will need to verify your identity to edit your personal information under “Login Preferences” or “My Contact Information”, or to access the Payment Services Portal.
If your replacement mobile phone has the same phone number, you are not required to take any action. You will receive the SMS-based OTP on the same number for reauthentication.
If you have access to your old phone number, you can access “My Account” or “Login Preferences” to change the mobile phone number by verifying the OTP.
If you do not have access to your old phone number, please contact your local Herbalife Nutrition Member Services team for support.
Herbalife Nutrition does not charge anything for 2SA. However, you may incur a cost if your telco service provider charges a fee for incoming text messages.
If you have set up a trusted device through the “Remember Me” option, and you are not required to reauthenticate, you can access your account from the trusted device. You can also use other authentication methods – email or Security Question - to verify your identity.
A person can access your account only if they know your login credentials and have physical access to your registered mobile phone or email account.
Once you are enrolled for 2SA, you will not be required to reset your password on a regular basis.
The mobile phone number should be unique for each account and not be duplicated on other accounts.
2SA is currently not applicable for deleted Membership
Once you are enrolled for 2SA, you can use the “Remember Me” option to add multiple device and browser combinations (trusted devices), up to five during the authentication process. Checking the “Remember Me” option can help you avoid OTP prompts whenever you log in to your account from that browser and device for up to 180 days.
Checking the “Remember Me” option can help you avoid OTP prompts whenever you log in to your account from that browser and device for up to 180 days.
Once enrolled for 2SA, you can navigate to “Login Preferences” to remove all the trusted devices.
“Remember Me” remains active for 180 days on each browser and device individually. Please check to see if you are using the same browser you used when you selected that option. Additionally, your device/system should not be set to automatically remove cookies if you want to have it remember you.
Please contact your local Herbalife Nutrition Member Services team for support.
Additional users will have the same access level as the Member on record within MyHerbalife.com. However, the additional user will not be allowed to make changes to the email address and mobile phone number of the Member on record in the “My Contact Information” section.
Additional users will have the same access level as the Member on record within MyHerbalife.com. However, the additional user will not be allowed to make changes to the email address and mobile phone number of the Member on record in the “My Contact Information” section.
Preferred Members cannot grant access to an additional user.
If you already have a prior assistant registered, you will need to first remove their access, which is under the “Secondary Profiles” section in “Login Preferences.”
Once their access has been successfully removed, you will be able to grant access to your new assistant by creating a new secondary profile.
The Member on Record will not be able to make any changes to login related information such as username, password, mobile phone number and security questions for the additional user.
Yes, additional access can be set up on the original ID so that both parties can log in with their own credentials and 2SA mobile phone numbers or email addresses.