Set up two-factor authentication
Two-factor authentication (2FA) adds a second step when you sign in: after your password, you enter a 6-digit code from an authenticator app on your phone. It's optional, but strongly recommended — it keeps your account safe even if your password is compromised.
What you'll need
An authenticator app on your phone. Any of these work:
- Google Authenticator
- 1Password
- Authy
- Microsoft Authenticator
Turn it on
- Go to Settings → Profile.
- Find Two-factor authentication and click Enable.
- Enter your password to confirm it's you.
- Scan the QR code with your authenticator app. (Can't scan? Type the secret shown below the code into the app instead.)
- Enter the 6-digit code your app shows to confirm.
- Save your backup codes — copy or download them and store them somewhere safe.
Two-factor authentication is now on. The next time you sign in, we'll ask for a code after your password.
Signing in with 2FA
- Enter your email and password as usual.
- On the next screen, enter the current 6-digit code from your authenticator app.
- Optionally check Trust this device for 30 days to skip the code on that device for a month. Only do this on devices you own.
Backup codes
Backup codes let you sign in if you lose access to your authenticator app. Each code works once.
- You get them when you first enable 2FA.
- Store them somewhere separate from your phone (a password manager is ideal).
- To get a fresh set, go to Settings → Profile → Two-factor authentication → Manage → Regenerate codes. Generating new codes invalidates the old ones.
Using a backup code
If you don't have your authenticator app at sign-in, choose Use a backup code instead on the code screen and enter one of your saved codes.
Turn it off
- Go to Settings → Profile.
- Click Manage next to Two-factor authentication.
- Under Turn off two-factor, confirm your password and click Disable two-factor.
Lost your phone and your backup codes?
If you've lost both your authenticator app and your backup codes, contact us at troy@schedulin.app from the email address on your account and we'll help you recover access.
Signed up with Google?
Two-factor authentication protects the password step of sign-in. If you sign in with Google, keep two-factor authentication enabled on your Google account for the same protection.