HomeDocsAccount › Two-Factor Authentication

Two-Factor Authentication

Add an extra layer of security to your account with authenticator app verification.

Overview

Two-factor authentication (2FA) adds a second verification step when you sign in. After entering your password, you are prompted for a time-based one-time password (TOTP) generated by an authenticator app on your phone. This protects your account even if your password is compromised.

Enabling 2FA

To enable two-factor authentication:

  1. Navigate to your profile and select Two-Factor Authentication.
  2. Install an authenticator app on your mobile device if you do not already have one. Supported apps include:
    • Google Authenticator (Android / iOS)
    • Microsoft Authenticator (Android / iOS)
    • Authy (Android / iOS / Desktop)
  3. Scan the QR code displayed on screen with your authenticator app, or manually enter the setup key.
  4. Enter the 6-digit verification code shown in your authenticator app to confirm the setup.
  5. Click Verify & Enable.
Tip

If you cannot scan the QR code, click Show setup key to reveal a text code you can type into your authenticator app manually.

Using 2FA at Login

Once 2FA is enabled, the login process changes as follows:

  1. Enter your email and password as usual.
  2. On the second screen, open your authenticator app and enter the current 6-digit code.
  3. Click Verify to complete the sign-in.

Codes rotate every 30 seconds. If a code has just expired, wait for the next one and try again.

Recovery Codes

When you enable 2FA, a set of recovery codes is generated. These are single-use codes that let you sign in if you lose access to your authenticator app.

Warning

Store your recovery codes in a safe place (for example, a password manager or a printed copy in a secure location). Each code can only be used once. If you run out of recovery codes and lose your authenticator, you will need to contact support to regain access to your account.

To use a recovery code at login, click Use a recovery code on the two-factor verification screen and enter one of your unused codes.

Regenerating Recovery Codes

You can generate a new set of recovery codes at any time from the Two-Factor Authentication settings page. Click Reset Recovery Codes. This invalidates all previously issued codes and provides a fresh set.

Resetting Authenticator

If you change your phone or need to switch authenticator apps:

  1. Go to your Two-Factor Authentication settings.
  2. Click Reset Authenticator.
  3. Confirm the action. This disables 2FA temporarily and clears your current authenticator key.
  4. Set up 2FA again by scanning a new QR code with your new authenticator app.
Info

Resetting the authenticator also invalidates all existing recovery codes. New recovery codes are generated when you re-enable 2FA.

Disabling 2FA

To disable two-factor authentication entirely:

  1. Navigate to Two-Factor Authentication in your account settings.
  2. Click Disable 2FA.
  3. Confirm with your current password.

After disabling, you will only need your email and password to sign in. All recovery codes are invalidated.

Related: Registration · Your Profile