Two-Factor Authentication

Two-factor authentication (2FA) adds a second layer of security to your account. Even if your password is compromised, an attacker cannot log in without your second factor.

Enable TOTP 2FA

1. Go to Settings → Security → Two-Factor Authentication.
2. Click Enable 2FA.
3. Scan the QR code with an authenticator app (Google Authenticator, Authy, 1Password, etc.).
4. Enter the 6-digit code from your authenticator app to confirm.
5. Save your backup codes. Store them somewhere safe — you'll need one if you lose your authenticator device.

Backup codes

You receive 8 single-use backup codes when you enable 2FA. Each code can be used once in place of a TOTP code. After using all backup codes, generate new ones from Settings → Security → Regenerate Backup Codes.

Device approval

New devices that log into your account trigger a device-approval notification. You'll receive an email and (if enabled) a push notification on your existing trusted device. You can approve or reject the new session from the notification.

Disable 2FA

Go to Settings → Security → Two-Factor Authentication and click Disable 2FA. You'll be asked to confirm with your current TOTP code. Note: disabling 2FA reduces account security — we recommend keeping it enabled.

Next steps

• Manage active sessions →
• Set up end-to-end encryption →