Two-factor authentication (2FA)

Two-factor authentication adds an extra layer of protection to your account. In addition to your password, you confirm each login with a device you own – for example, your mobile phone.

When you turn on 2FA, you use an authenticator app such as Authy or Google Authenticator to generate a 6-digit code that refreshes every 30 seconds. You enter this code every time you log in.

The difference between passkeys and authenticator apps

This page covers authenticator apps. If you'd rather use a passkey, see Passkeys.

How to turn on 2FA

1. Go to Settings → Login and security
2. Find the Two-factor (authenticator app) section and click Set up
3. Open the authenticator app on your phone and scan the QR code shown
   • Can't scan it? Enter the key manually by clicking the code below the QR code
4. Once the account is added to the app, click I've added the account
5. Enter the 6-digit code from the app and click Confirm

When setup is complete, 2FA is active. You'll now see the text On – secured with TOTP code and the number of remaining recovery codes.

Save your recovery codes

Important security step

Always save your recovery codes in a safe place. They let you get back into your account if you lose access to the authenticator app.

When you set up 2FA, 10 recovery codes are generated automatically. Each code can be used once. You need to save them before you close the window.

• Click I've saved the codes when you're done
• To download the codes as a file, click Download as file

If you need new recovery codes later, you can regenerate them – but doing so invalidates the old ones. See Recovery codes for more information.

Logging in with 2FA

When 2FA is active, after entering your password you'll be asked for a 6-digit code from your authenticator app.

• Open the app (e.g. Authy or Google Authenticator)
• Find your account and enter the current code
• Click Log in

If you've lost access to the app, use one of your recovery codes instead.

How to turn off 2FA

1. Go to Settings → Login and security
2. Find the Two-factor (authenticator app) section and click Turn off
3. Enter the current 6-digit code from the authenticator app
4. Confirm by clicking Turn off

Once 2FA is turned off, your account is less protected. We recommend keeping 2FA on at all times.

If you lose your authenticator app

Lost your phone or deleted the app?

You can still log in by using one of the recovery codes you saved during setup.

• On the login screen, click Use recovery code
• Enter one of the codes you've saved

After logging in, go to Settings → Login and security and set up 2FA again with a new device.

Need help?

Get in touch via onmeil.eu/contact if you're stuck or have questions about security.