Skip to content

Security & MFA

Protect your account with Two-Factor Authentication (2FA / MFA).

What is MFA?

Multi-Factor Authentication adds a second layer of security to your login. After entering your password, you are prompted for a one-time code that changes every 30 seconds. Even if someone obtains your password, they cannot log in without your device.

Enabling MFA

  1. Go to Settings → Security (or System → MFA)
  2. Click Enable Two-Factor Authentication
  3. Open an authenticator app on your phone:
  4. Google Authenticator
  5. Authy
  6. Microsoft Authenticator
  7. Scan the QR code shown on screen
  8. Enter the 6-digit code from the app to confirm
  9. Click Activate

MFA is now active on your account.

Logging in with MFA

  1. Enter your email and password as usual
  2. On the next screen, enter the 6-digit code from your authenticator app
  3. Click Verify

The code refreshes every 30 seconds — if it expires before you submit, just use the new one.

Disabling MFA

  1. Go to Settings → Security
  2. Click Disable MFA
  3. Enter your current password to confirm

Warning

Disabling MFA reduces your account security. Only do this if you no longer have access to your authenticator device and you are setting up a new one.

Lost access to your authenticator

If you lose your phone or can't access your authenticator app, contact your administrator. They can reset your MFA from the Admin Panel so you can log in and set it up again.

MFA for your team

Admins can see which users have MFA enabled in Settings → User Management (shield icon next to the user). MFA is always optional per user — it cannot currently be enforced platform-wide from user settings.