How to Enable Two-Factor Authentication (2FA)
Last updated on October 19, 2024
Add a Second Layer of Protection to Your Account
Two-Factor Authentication (2FA) prevents unauthorized access by requiring a one-time code in addition to your password. We support both authenticator apps and email-based codes.
Why Enable 2FA?
- Blocks attackers even if they discover your password.
- Alerts you immediately if someone tries to log in.
- Required for contributors with elevated permissions (authors, broker admins).
Enabling Authenticator App 2FA
- Log in and navigate to Profile → Security.
- Click "Enable Two-Factor Authentication".
- Choose "Authenticator App" (recommended).
- Scan the QR code using Google Authenticator, Authy, or Microsoft Authenticator.
- Enter the six-digit code generated by the app and click "Verify".
- Download your backup codes and store them securely.
Email-Based 2FA (Backup Option)
- Choose "Email Codes" if you can't install an authenticator app.
- Each login triggers an email with a one-time verification code.
- Less secure than app-based 2FA but better than password alone.
Managing Devices
- View active sessions on the Security page.
- Revoke access to any device you don't recognize.
- If you lose your phone, use backup codes to sign in and disable 2FA temporarily.
Troubleshooting
- Authenticator code rejected? Ensure device time is set to automatic.
- Lost access to 2FA device? Use backup codes or contact support with identity verification.
- Not receiving email codes? Check spam folder, whitelist [email protected].