Open Settings and scroll to the 2 Factor Authentication card.
Click Enable 2FA.
Scan the QR code with an authenticator app (Google Authenticator, Authy, 1Password, etc.), or copy the secret key shown below the QR code and enter it manually in the app.
The app starts generating 6-digit codes that rotate every 30 seconds.
Enter the current code in the Verification Code field and click Verify & Enable to confirm.
After entering your email and password, you are taken to a second screen and prompted for the 6-digit code from your authenticator. Only once the code is verified do you reach the dashboard. The screen also has a Log Out button if you need to cancel.
When you enable 2FA, you receive 10 single-use recovery codes. Each code can be used once if you lose access to your authenticator. Save them somewhere safe (a password manager is ideal) — the platform shows them only once and stores only their hashes.
If you lose your device, sign in with your email and password as normal.
On the 2FA screen, click 'Use a recovery code instead'.
Enter one of your saved codes. The code is consumed and 2FA is automatically disabled on your account.
Re-enable 2FA from Settings to receive a fresh set of codes.
You can regenerate your recovery codes at any time from the 2 Factor Authentication card. Regenerating invalidates the previous set, so be sure to save the new codes before closing the dialog.
If MFA is active, a Disable 2FA button appears in the 2 Factor Authentication card. Click it and confirm with your current 6-digit authenticator code to remove the factor.
