Two-Factor Authentication Settings

Configure and manage your two-factor authentication methods for enhanced account security. ## Overview The Two-Factor Authentication (2FA) settings page allows you to: - Set up and manage 2FA methods - View and manage trusted devices - Generate and regenerate backup codes - Disable 2FA methods ## Page Location ``` /settings/two-factor ``` ## Authentication Methods Section ### Authenticator App Set up an authenticator app (Google Authenticator, Microsoft Authenticator, Authy, etc.) for time-based one-time passwords. **Setup Steps**: 1. Click "Authenticator App" 2. Scan the QR code with your authenticator app 3. Enter the 6-digit verification code 4. Setup is complete **Benefits**: - Works offline - Most secure 2FA option - Fast code generation ### SMS Verification Receive verification codes via text message. **Setup Steps**: 1. Click "SMS Verification" 2. Select your country code 3. Enter your phone number 4. Click "Send verification code" 5. Enter the code received via SMS **Requirements**: - Valid mobile phone number - SMS capability on your phone ### Email Verification Receive verification codes via email to your account email address. **Setup Steps**: 1. Click "Email Verification" 2. Click "Send verification code" 3. Enter the code received via email **Note**: Codes are sent to your account email address on file. ### Backup Codes Generate one-time use codes for emergency access. **Setup Steps**: 1. Click "Backup Codes" 2. 10 random codes are generated 3. **Save codes in a secure location** 4. Codes are shown only once **Important**: - Each code can only be used once - Store codes securely (password manager, safe, etc.) - Cannot be recovered if lost - Regenerate if lost or used ## Configured Methods View all your enabled 2FA methods with management options: ### View For backup codes, click "View" to see your remaining codes. ### Regenerate For backup codes, click "Regenerate" to: - Invalidate all old codes - Generate new set of 10 codes - Save new codes immediately ### Disable For authenticator, SMS, and email methods: 1. Click "Disable" next to the method 2. Confirm the action 3. Method is removed from your account > **Warning**: Disabling all 2FA methods reduces your account security. Keep at least one method enabled. ## Trusted Devices Section ### Viewing Trusted Devices See all devices that can skip 2FA verification: - Device name (e.g., "Chrome on Windows") - Device type (iOS, Android, Mac, Windows PC) - Last used date ### Removing a Device 1. Find the device in the list 2. Click the trash icon 3. Confirm removal 4. Device will require 2FA on next login ### Remove All Devices 1. Click "Remove all" button 2. Confirm the action 3. All trusted devices are removed 4. You'll need to verify 2FA on every device **Use this option when**: - You suspect unauthorized access - You've lost a device - You want to force 2FA on all logins ## Security Notice The page displays important security information: - Enable at least two 2FA methods for account recovery - Save backup codes in a secure location - Trusted devices skip 2FA for 30 days - You can disable 2FA, but we recommend keeping it enabled ## Related Topics - [Two-Factor Authentication Guide](../../../guide/modules/20-Two-Factor-Authentication.md) - [User Account Setup](../../../guide/basics/01-User-Account-Setup.md) - [Security Best Practices](../../../guide/modules/12-Compliance-and-Security.md)