How it works
After you turn it on, signing in takes two things: something you know (your password) and something you have (a code from an app on your phone that changes every 30 seconds).
1 Open Security and start setup
2 Scan the QR code with an authenticator app
Any standard authenticator app works — Google Authenticator, Microsoft Authenticator, Authy, 1Password, and others. Open your app, choose "add / scan", and point it at the QR code on screen. (On the same device? Tap "Open in an app on this device" instead.)
3 Confirm with the 6-digit code
Your app now shows a 6-digit code that changes every 30 seconds. Type the current one and choose Turn on two-factor. That confirms the app and you is linked.
4 Save your recovery codes
You'll be given a set of one-time recovery codes. These are your way back in if you ever lose your phone — treat them like spare keys.
Everyday use & troubleshooting
- Signing in: enter your password, then the current 6-digit code from your app.
- New phone: turn 2FA off (you'll need a code or a recovery code), then set it up again on the new device.
- Lost your phone: use a recovery code to get in, then re-set-up 2FA. If those are gone too, ask an administrator to reset you.
- Turning it off: Security → turn off two-factor (kept simple, but we recommend leaving it on).