Setting up two-factor authentication
Two-factor authentication (2FA) protects your account even if someone learns your password. Enable it in minutes from your settings page.
Key takeaways
- You can use an authenticator app or SMS as a backup
- Recovery codes ensure you can regain access if your device is lost
- 2FA secures logins on web, mobile, and connected devices
Enable 2FA
The setup wizard guides you through adding your first factor.
Step 1
Open security settings
Go to profile settings, then choose the Security tab.
Step 2
Scan the QR code
Use an authenticator app such as 1Password, Authy, or Google Authenticator to scan the code provided.
Step 3
Enter the verification code
Type the 6-digit code generated by your app to confirm everything is linked.
Add backup methods
Backup options prevent lockouts when you upgrade phones or lose access to your authenticator app.
- Download recovery codes and store them in a secure password manager
- Enable SMS codes for temporary access if your authenticator isn't available
- Review trusted devices quarterly and revoke anything you no longer use
Sign-in experience
Here's what to expect the next time you log in.
- You'll be prompted for a 6-digit code after entering your password
- Check 'Remember this device' on private computers to reduce prompts
- Suspicious logins trigger immediate alerts—reset your password if you didn't authorize it
Tips from the pros
- If you switch phones, disable and re-enable 2FA to generate a fresh QR code for your new device.
- Consider using a hardware security key for the strongest protection—support is in public beta.
Common questions
What happens if I lose my phone?
Use a recovery code to sign in, then update your 2FA device in security settings. If you no longer have recovery codes, contact support with identity verification.
Can multiple admins share access?
Each person should use their own account. Sharing credentials bypasses audit logs and weakens security.