Securing Your Account with Two-Factor Authentication

Why enable 2FA?

Two-factor authentication (2FA) adds a one-time code to every login. Even if a password leaks, an attacker cannot reach your services without the code from your phone or password manager.

Step 1 — Open security settings

Click your avatar in the top-right and choose Security. Find the Two-Factor Authentication card and click Enable.

Step 2 — Scan the QR code

Open any TOTP-compatible app and scan the code that appears. Common choices:

  • Google Authenticator
  • 1Password / Bitwarden / Dashlane
  • Authy
  • Microsoft Authenticator

Step 3 — Confirm a code

Type the 6-digit code your app shows back into the panel. Once it accepts, 2FA is active.

Step 4 — Save your recovery codes

The panel will display ten one-time recovery codes. Save them somewhere safe — a password manager is ideal. If you ever lose access to your TOTP device, these codes are the only way back in without contacting support.

If you lose both your TOTP device and your recovery codes, support will need to verify your identity manually before resetting 2FA. Save the codes.

Disabling 2FA

You can turn 2FA off from the same Security page, but we strongly recommend keeping it enabled for any account that controls servers or billing.

Back to Knowledge Base