Edge

Account Security

Two-Factor Authentication

Add an extra layer of security to your account with TOTP-based 2FA.

Overview

Two-factor authentication (2FA) requires both your password and a time-based one-time password (TOTP) from your authenticator app to sign in. Even if your password is compromised, attackers cannot access your account without the second factor.

Recommendation: We strongly recommend enabling 2FA for all accounts, especially those with access to production infrastructure.

Works with OAuth

2FA is enforced even when signing in with Google or GitHub.

Recovery Codes

Backup codes ensure you're never locked out of your account.

Industry Standard

TOTP-based, compatible with all major authenticator apps.

Compatible Authenticator Apps

Any TOTP-compatible authenticator app will work. Popular options include:

  • Google Authenticator — Available for iOS and Android
  • Authy — Cross-device sync and desktop app
  • 1Password — Integrated password manager with TOTP
  • Microsoft Authenticator — Works with Microsoft accounts too
  • Bitwarden — Open-source password manager with TOTP

Enabling Two-Factor Authentication

  1. Navigate to Settings → Security in your control panel
  2. Find the Two-Factor Authentication section and click Enable
  3. Scan the QR code with your authenticator app (or enter the secret manually)
  4. Enter the 6-digit code from your app to verify
  5. Save your recovery codes in a secure location

Screenshot: 2FA setup with QR code

Save Your Recovery Codes

Recovery codes are shown only once when you enable 2FA. Store them securely — they're the only way to access your account if you lose your authenticator device.

Signing In with 2FA Enabled

Once 2FA is enabled, the sign-in process requires an additional step:

  1. Enter your email and password (or sign in with Google/GitHub)
  2. You'll be prompted for your 6-digit authentication code
  3. Open your authenticator app and enter the current code
  4. You're now signed in

The authentication code changes every 30 seconds. If a code doesn't work, wait for the next one and try again.

Recovery Codes

When you enable 2FA, you'll receive a set of recovery codes. Each code can only be used once and allows you to access your account if you lose your authenticator device.

Best Practices

  • Store recovery codes in a password manager or secure vault
  • Keep a printed copy in a secure physical location
  • Never share recovery codes with anyone
  • Generate new codes if you suspect they've been compromised

Generating New Recovery Codes

If you've used most of your recovery codes or suspect they've been compromised, you can generate a new set:

  1. Navigate to Settings → Security
  2. In the 2FA section, you'll see how many recovery codes remain
  3. Click to generate new codes (requires your current 2FA code)
  4. Important: Generating new codes invalidates all previous codes

Disabling Two-Factor Authentication

If you need to disable 2FA (not recommended):

  1. Navigate to Settings → Security
  2. Click Disable 2FA
  3. Enter your current authentication code or a recovery code to confirm

Disabling 2FA significantly reduces your account security. Consider keeping it enabled and using recovery codes if you're concerned about device access.

Troubleshooting

Code not working?

TOTP codes are time-based. Ensure your device's clock is accurate. Most authenticator apps handle this automatically, but if you're having issues, check your device's time settings.
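The sketch below is an added example, not this service's own code. It shows why clock accuracy matters by computing RFC 6238 TOTP codes with the 6-digit, 30-second parameters stated on this page and checking them with a small tolerance for clock drift. HMAC-SHA1, the one-step tolerance window and the sample secret (the RFC 6238 test key) are assumptions, not details of this service.

```python
import base64
import hashlib
import hmac
import struct

STEP = 30     # seconds each code is valid for, as stated on this page
DIGITS = 6    # code length, as stated on this page


def totp(secret_b32, unix_time, step=STEP, digits=DIGITS):
    """RFC 6238 TOTP with HMAC-SHA1 (the RFC default; assumed here)."""
    key = base64.b32decode(secret_b32.upper() + "=" * (-len(secret_b32) % 8))
    counter = int(unix_time) // step              # number of steps since the epoch
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                       # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def verify(secret_b32, code, server_time, window=1):
    """Check `code` against the current step and `window` steps either side.

    Returns the matching step offset (0 = clocks agree), or None if rejected.
    The window size is an assumed server policy, not taken from this page.
    """
    for drift in sorted(range(-window, window + 1), key=lambda d: (abs(d), -d)):
        candidate = totp(secret_b32, server_time + drift * STEP)
        if hmac.compare_digest(candidate, code):  # constant-time comparison
            return drift
    return None


# Constructed sample secret: the RFC 6238 test key, Base32-encoded.
SECRET = base64.b32encode(b"12345678901234567890").decode()

if __name__ == "__main__":
    server_now = 1111111109   # constructed timestamp, last second of a 30 s step
    for skew in (0, 2, 90):   # how far ahead the device clock runs, in seconds
        code = totp(SECRET, server_now + skew)
        result = verify(SECRET, code, server_now)
        print(f"device +{skew:>2}s  code {code}  matched step offset: {result}")
```

A device only two seconds ahead can already be in the next 30-second step, which is why a verifier with no tolerance would reject it, and why a clock that is minutes off fails even with tolerance.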

Lost your authenticator device?

Use one of your recovery codes to sign in. Once signed in, you can disable 2FA and set it up again with your new device.

Lost both device and recovery codes?

Contact support. You'll need to verify your identity before we can help recover your account. This process may take several business days.