Unexpectedly receiving a verification code (also called “two-factor authentication token”) from BCFi can happen when someone other than you attempts to access your account. The most common scenario is when you open a third-party app where you may have linked your BCFi account, such as a personal financial management tool. Opening up third-party apps where your BCFi account is linked is detected as a type of log in by BCFi—in some cases, you’ll need to enter this login code on the third-party app to refresh the apps’s connection with BCFi.

If you received a verification code when you were not attempting to log in to your BCFi account, and/or it is not through a third-party app, you should change your password. As a reminder, this password should be unique to your BCFi account and not be used for other online accounts or services.