two factor authentication

Two-Factor Authentication Settings

Configure and manage your two-factor authentication methods for enhanced account security.

Overview

The Two-Factor Authentication (2FA) settings page allows you to:

  • Set up and manage 2FA methods
  • View and manage trusted devices
  • Generate and regenerate backup codes
  • Disable 2FA methods

Page Location

/settings/two-factor

Authentication Methods Section

Authenticator App

Set up an authenticator app (Google Authenticator, Microsoft Authenticator, Authy, etc.) for time-based one-time passwords.

Setup Steps:

  1. Click "Authenticator App"
  2. Scan the QR code with your authenticator app
  3. Enter the 6-digit verification code
  4. Setup is complete

Benefits:

  • Works offline
  • Most secure 2FA option
  • Fast code generation

SMS Verification

Receive verification codes via text message.

Setup Steps:

  1. Click "SMS Verification"
  2. Select your country code
  3. Enter your phone number
  4. Click "Send verification code"
  5. Enter the code received via SMS

Requirements:

  • Valid mobile phone number
  • SMS capability on your phone

Email Verification

Receive verification codes via email to your account email address.

Setup Steps:

  1. Click "Email Verification"
  2. Click "Send verification code"
  3. Enter the code received via email

Note: Codes are sent to your account email address on file.

Backup Codes

Generate one-time use codes for emergency access.

Setup Steps:

  1. Click "Backup Codes"
  2. 10 random codes are generated
  3. Save codes in a secure location
  4. Codes are shown only once

Important:

  • Each code can only be used once
  • Store codes securely (password manager, safe, etc.)
  • Cannot be recovered if lost
  • Regenerate if lost or used

Configured Methods

View all your enabled 2FA methods with management options:

View

For backup codes, click "View" to see your remaining codes.

Regenerate

For backup codes, click "Regenerate" to:

  • Invalidate all old codes
  • Generate new set of 10 codes
  • Save new codes immediately

Disable

For authenticator, SMS, and email methods:

  1. Click "Disable" next to the method
  2. Confirm the action
  3. Method is removed from your account

Warning: Disabling all 2FA methods reduces your account security. Keep at least one method enabled.

Trusted Devices Section

Viewing Trusted Devices

See all devices that can skip 2FA verification:

  • Device name (e.g., "Chrome on Windows")
  • Device type (iOS, Android, Mac, Windows PC)
  • Last used date

Removing a Device

  1. Find the device in the list
  2. Click the trash icon
  3. Confirm removal
  4. Device will require 2FA on next login

Remove All Devices

  1. Click "Remove all" button
  2. Confirm the action
  3. All trusted devices are removed
  4. You'll need to verify 2FA on every device

Use this option when:

  • You suspect unauthorized access
  • You've lost a device
  • You want to force 2FA on all logins

Security Notice

The page displays important security information:

  • Enable at least two 2FA methods for account recovery
  • Save backup codes in a secure location
  • Trusted devices skip 2FA for 30 days
  • You can disable 2FA, but we recommend keeping it enabled

Related Topics