Two-factor authentication (2FA) increases the security of your account by always requiring two 'factors' to login to your account, instead of just one. Even if someone acquires your account password, they won't be able to login to your account without also gaining access to the second factor.

The first factor required is the same password you already use to login.

You can choose from two different second factors: email or TOTP app (e.g. Authy or Google Authenticator (for Android or iOS)). In both cases, you'll be given a one-time password every time you login to your account that you'll need to enter into

Setting up 2FA

2FA can be enabled for your account from the Preferences page. A link to that page is listed under your account email on the sidebar menu:

On the Preferences page, click or tap the button labeled "Enable 2 factor authentication":

You'll see two options for your second factor for 2FA:

The default second factor is email – "Email a code". Every time you login, a one-time security code or password will be emailed to you. You'll need to enter or copy and paste the code in

If you'd prefer to use a TOTP app, click or tap the option labeled "Authy or Google Authenticator app". Instead of receiving the one-time passwords by email, you'll use a TOTP app to generate the passwords. You'll still need to enter or copy and paste those passwords into

TOTP app setup

If you select the TOTP app option, you'll need to setup the app you want to use.

  1. Open the TOTP app and scan the QR code shown in
  2. The app should show you a security code or password; enter the code in and click or tap the Validate Token button.

You should see the following success message at the top of the Preferences page if was able to complete the setup for the app:

Using 2FA

With 2FA enabled, you'll still need to enter your email address and password as usual – your regular password will always be the first factor:

Once confirms that your email address and password are correct, you'll see one of the two following pages, depending on whether you picked the email or TOTP app options to be your second factor:

In both cases, completing logging-in consists of the same basic step: supplying a one-time security code or password.


If you chose email as your 2FA option, check your email and look for one from with a subject like " login code". The one-time password included in these emails expires after 20 minutes. If you don't receive an email, you can click or tap the "resend email" link to request another email (with a new one-time password).

TOTP app

If you chose to use a TOTP app as your 2FA option, open that app and select the account in it that should have been created when you setup 2FA in

You should see a security code or password for your account in the TOTP app you setup. Enter that password into

Note that the one-time passwords generated by TOTP apps are 'time based', i.e. they change regularly, e.g. every 30 seconds. You may need to enter a second password from your app if the first one expires before it can be validated by Your app should show you new passwords automatically as they're generated.

Having trouble with receiving or accessing your 2FA code?

Please contact our team at