Account Security

Two-factor authentication (MFA) adds an extra layer of security to your account. When enabled, you need both your password and a code from an authenticator app to sign in.

Navigate to the Security page in your dashboard sidebar to manage your MFA settings. The page shows whether MFA is currently enabled or disabled.

Click "Enable MFA" on the Security page to start the setup process.

Step 1: Scan the QR code with your authenticator app (Google Authenticator, Authy, 1Password, or any TOTP-compatible app). If you cannot scan the code, you can enter the secret key manually.

Step 2: Enter the 6-digit code from your authenticator app to verify the setup is working.

Step 3: Save your recovery codes. These are one-time-use codes that let you sign in if you lose access to your authenticator app. Store them somewhere safe — you will not be able to see them again.

Recovery codes are backup codes you can use to sign in if you lose access to your authenticator app. Each code can only be used once.

If you need new recovery codes, click "Regenerate recovery codes" on the Security page. You will need to enter your password to confirm. Your old codes will stop working immediately.

Store your recovery codes in a safe place — a password manager, a printed copy in a secure location, or another safe backup method.

To disable MFA, click "Disable MFA" on the Security page and enter your password to confirm. After disabling, you will only need your password to sign in.