Security

Set up two-factor authentication (2FA)

A step-by-step guide to protecting your account with a second factor — from scratch, in a few minutes.

Overview

What is two-factor authentication?

Two-factor authentication (2FA) adds a second step to sign-in: after your password, you also enter a short code from an app on your phone. Even if your password leaks, nobody can get in without that code.

Stronger protection

A stolen password is no longer enough to access your account.

Required for sensitive actions

Some actions, like issuing an API key, ask you to confirm a code.

Backup codes included

One-time recovery codes let you sign in if you lose your phone.

How long does it take?

Setting up 2FA takes about two minutes and only needs to be done once per account.

Requirements

What you need

An authenticator app on your phone that generates time-based codes. Any of these work:

Google Authenticator

Authy

1Password

Microsoft Authenticator

No authenticator app yet?

Install one of the apps above from your phone's app store before you start. They are free and work offline.

Step by step

Enabling 2FA from scratch

  1. 1

    Open your profile security settings

    In the platform, open your profile and go to the Security tab. Two-factor authentication lives here, under the Enable 2FA button.

    Open your profile security settings
    The Security tab in your profile with the Enable 2FA button.
  2. 2

    Enable 2FA and confirm your password

    Click Enable 2FA. For your safety, you are asked to confirm your current account password before setting up the second factor.

    Enable 2FA and confirm your password
    The password confirmation step before setting up 2FA.
  3. 3

    Scan the QR code in your authenticator app

    Open an authenticator app (Google Authenticator, Authy, 1Password, Microsoft Authenticator, …) and scan the QR code. Can't scan it? Type the secret shown below the code into the app manually.

    Scan the QR code in your authenticator app
    The setup screen with the QR code and the manual secret.
  4. 4

    Save your backup codes and enter the 6-digit code

    Copy the one-time backup codes shown on the same screen and store them somewhere safe, such as a password manager. Then type the current 6-digit code from your authenticator app to confirm.

    Save your backup codes and enter the 6-digit code
    The one-time backup codes and the field for the 6-digit code.
  5. 5

    You're all set

    Two-factor authentication is now active on your account. From now on you'll confirm a code when signing in and when performing sensitive actions.

    You're all set
    The Security tab showing two-factor authentication enabled.
Backup codes

Keep your backup codes safe

Backup codes are your safety net. Each one signs you in a single time if you don't have your authenticator app on hand.

Store them somewhere safe

Save the codes in a password manager, not in the same place as your password. Treat them like a spare key.

Regenerate when needed

Running low or think a code was exposed? Regenerate a fresh set from the Security tab — the old codes stop working.

Don't lose both at once

If you lose your authenticator app and your backup codes, you may be locked out and need an administrator to help you recover access. Keep the backup codes somewhere you can always reach.

Recovery

If you lose access to your app

Use a backup code

On the verification screen, choose Use a backup code and enter one of the codes you saved.

Get a code by email

Choose Send code by email on the verification screen to receive a one-time code in your inbox.

Ask an administrator

If you can't use either option, an organization administrator can help you regain access to your account.

FAQ

Frequently Asked Questions

Any TOTP-compatible app works — Google Authenticator, Authy, 1Password, or Microsoft Authenticator are all good choices. If you already use a password manager with a built-in authenticator, that works too.

Every authenticator app lets you add an account manually. Choose that option and type the secret shown below the QR code on the setup screen.

Backup codes are one-time codes that sign you in when you don't have your authenticator app — for example if you lose or replace your phone. Store them somewhere safe and separate from your password.

On the verification screen you can also request a code by email. If that isn't available, an organization administrator can help you recover access. This is why keeping your backup codes safe matters.

Yes — after your password you enter the current 6-digit code from your authenticator app. You'll also be asked to confirm a code for sensitive actions, such as creating an API key.

You can disable 2FA from the Security tab in your profile, though we recommend keeping it on. Note that some organizations require 2FA, and some actions won't be available without it.

Need More Information?

If you have questions about two-factor authentication, backup codes, or recovering access, please contact us.

Email Support

Contact your administrator or our support team

Generate an API key

With 2FA enabled, you can issue API keys for external certifiers.