What is 2FA and why use it?

Two-factor authentication (2FA)

Figure — 2FA prompt (image constrained via query params).

---

What it is

{{fg: gray-800, xs: size-14, lg: size-16::2FA adds a second proof of identity in addition to your password.}}

• {{bg: neutral-50, fg: neutral-800, px-8, py-2, round-8::Something you know → password}}
• {{px-8, py-2, round-8, bg: info-50, fg: info-800::Something you have → phone/app/hardware key}}
• {{bg: success-50, fg: success-800, px-8, py-2, round-8::Sometimes: something you are → biometrics}}

---

Why use it

• {{bg: success-50, fg: success-800, px-8, py-2, round-8::Blocks stolen passwords}} — attackers still need the second factor.
• {{bg: info-50, fg: info-800, px-8, py-2, round-8::Stops most phishing}} — codes/approvals expire quickly.
• {{bg: warning-50, fg: warning-800, px-8, py-2, round-8::Limits password reuse risk}} — even if reused elsewhere.
• {{bg: neutral-50, fg: neutral-800, px-8, py-2, round-8::Alerts you to suspicious sign-ins}} — unexpected prompts = red flag.

---

Common 2FA methods

{{xs: size-13, lg: size-14, fg: gray-700::Prefer app codes, push, or hardware keys. Keep SMS/email only as a fallback.}}

---

Enable it (quick steps)

{{bg: neutral-50, round-12, px-14, py-10, display: block::

1. Open Settings → Security → Two-factor authentication
2. Choose a method:
   • Authenticator app (recommended)
   • Hardware key
   • SMS / Email (fallback)
3. Scan the QR or register the key, then enter the code to confirm.
4. Save & finish — store your backup codes. }}

Heads-up — If you change phones, update your 2FA method before wiping the old device.

---

Best practices

• Save backup codes in a password manager.
• Add a second factor (e.g., app and hardware key).
• Avoid SMS as primary — SIM-swap risks.
• Update 2FA when you change phones.

Need help enabling 2FA? Open Help → Contact support.