Back to Support

Two-Factor Authentication (2FA)

Two-factor authentication adds a second step to sign-in: a time-based code from an authenticator app. Even if someone knows your password, they cannot sign in without access to your phone or device that generates the code.

How it works

After you enable 2FA, every time you sign in to LoginSign you will enter your password (or use another first factor), and then a 6-digit code from your authenticator app. The code changes every 30–60 seconds and is unique to your account. This is based on the TOTP (Time-based One-Time Password) standard, which is supported by most authenticator apps (e.g. Google Authenticator, Authy, 1Password, Microsoft Authenticator).

How to set up 2FA

  1. Install an authenticator app on your phone or device (e.g. Google Authenticator, Authy, or 1Password).
  2. Open your LoginSign Dashboard and go to the Security tab.
  3. Find the Authentication card and click Set up (or open the card and use the button in the sidebar).
  4. Scan the QR code shown on the screen with your authenticator app, or enter the secret key manually if the app supports it.
  5. Enter the 6-digit code from your app to verify and enable 2FA.
  6. From then on, you will be asked for a code each time you sign in.

What to keep in mind

  • Backup codes: Store the secret key or generate backup codes in a safe place when you set up 2FA. If you lose access to your authenticator app, you may need this to recover your account.
  • Time sync: Authenticator apps rely on your device’s time. If your phone or computer time is wrong, codes may fail. Keep automatic time sync enabled.
  • One device: The same secret is usually added to one authenticator app. If you use multiple devices, add the same secret to each app (e.g. phone and tablet) during setup, or use an app that syncs (e.g. Authy, 1Password).
  • Disabling 2FA: You can turn off 2FA from the Security tab. You will need to enter a current code to disable it. After that, sign-in will only require your password (or other first factor).

Security benefits

​2FA greatly reduces the risk of account takeover if your password is leaked or guessed. Attackers would also need physical or remote access to your authenticator app to sign in. We recommend enabling 2FA especially if you use LoginSign for sensitive or work-related accounts.

Tip

If you use a password manager that supports TOTP (e.g. 1Password, Bitwarden), you can store both your password and the 2FA secret there. Keep the master password and 2FA for the password manager itself very strong and secure.

← Back to Support