Enhanced account security
Two-factor authentication (2FA) adds an extra layer of security to your account by requiring a second form of verification beyond your password. Learn how to set it up and manage it effectively.
Why use two-factor authentication?
Protection against unauthorized access
Password-only security
If your password is compromised through phishing, breaches, or guessing, attackers can access your account immediately.
With 2FA enabled
Even if your password is stolen, attackers still need access to your second factor (phone, authenticator app) to log in.
Setting up two-factor authentication
Access security settings
Navigate to your account settings and find the Security or Two-Factor Authentication section. You'll need to be logged in to configure 2FA.
Choose your 2FA method
Select your preferred second factor method. We recommend authenticator apps for the best security.
Set up authenticator app
Download an authenticator app and scan the QR code displayed on screen. The app will generate time-based one-time passwords (TOTP).
- • Google Authenticator (iOS/Android)
- • Authy (iOS/Android/Desktop)
- • Microsoft Authenticator (iOS/Android)
- • 1Password (with 2FA support)
- • LastPass Authenticator
Verify and save backup codes
Enter the code from your authenticator app to verify setup. Then save your backup codes in a secure location for account recovery.
Backup codes are your only way to recover access if you lose your phone or authenticator app. Store them securely, like in a password manager or printed and locked away.
How two-factor authentication works
Enter your password
First, enter your email and password as usual on the login page.
Enter verification code
Open your authenticator app and enter the 6-digit code displayed for our service.
Access granted
If both factors are correct, you'll be logged in to your account.
Managing your 2FA settings
Changing Devices
- • Go to security settings
- • Select "Change Authenticator"
- • Scan new QR code
- • Verify with new device
- • Old device stops working
Backup Codes
- • Generate new codes anytime
- • Each code can be used once
- • Store securely offline
- • Use for account recovery
- • Regenerate if compromised
Recovery Options
- • Use backup codes
- • Contact support with verification
- • Provide account details
- • May require identity verification
- • Recovery can take 24-48 hours
Disabling 2FA
- • Go to security settings
- • Verify identity first
- • Confirm disabling
- • Account becomes less secure
- • Re-enable anytime
Troubleshooting 2FA issues
Codes not working
Your verification codes are being rejected during login.
- • Device time is incorrect - sync with NTP
- • App not properly configured
- • Wrong account in authenticator
- • Codes expired (30-second window)
- • Network connectivity issues
- • Check and correct device time
- • Re-scan QR code in authenticator
- • Try backup codes if available
- • Contact support for account recovery
Lost access to authenticator
You can't access your authenticator app due to lost/stolen phone or app issues.
- • Use backup codes if you saved them
- • Access from another configured device
- • Use SMS backup if enabled
- • Contact support with account details
- • Verify identity through email
- • May require additional verification
- • Recovery typically takes 24-48 hours
2FA security best practices
Use authenticator apps over SMS
Authenticator apps are more secure than SMS, which can be intercepted through SIM swapping attacks.
Keep backup codes secure
Store backup codes in a secure password manager or offline in a locked safe. Never store them digitally.
Enable 2FA on all important accounts
Use 2FA on your email, banking, and other critical accounts to create a security chain.
Regularly rotate backup codes
Generate new backup codes periodically and securely dispose of old ones.
Monitor account activity
Regularly check your account activity logs for any suspicious login attempts.
Need help with 2FA?
Having trouble setting up or using two-factor authentication? Our security team can help you get it configured properly.