> ## Documentation Index
> Fetch the complete documentation index at: https://docs.digitalfyre.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Account Security

DigitalFyre enforces two-factor authentication (2FA) on all customer accounts. This is required for auditor compliance and protects your account, billing information, and services from unauthorized access.

## What is 2FA

Two-factor authentication requires two forms of identification to log in:

1. Something you know — your password
2. Something you have — an authenticator app or access to your email

DigitalFyre supports two methods:

* **Authenticator App** — generates a 6-digit code that refreshes every 30 seconds
* **Email 2FA** — sends a one-time code to your registered email address at login

## Setting Up 2FA

<Steps>
  <Step title="Go to Security Settings">
    Log in to the [Client Portal](https://console.digitalfyre.com), click your name in the top-right corner, and select **Security Settings**.
  </Step>

  <Step title="Enable Two-Factor Authentication">
    Click **Enable Two-Factor Authentication** and choose your preferred method.
  </Step>

  <Step title="Complete Setup">
    <Tabs>
      <Tab title="Authenticator App">
        Download an authenticator app (Google Authenticator, Authy, or Microsoft Authenticator), scan the QR code, enter the 6-digit code to confirm, and save your backup codes.
      </Tab>

      <Tab title="Email 2FA">
        Confirm your registered email address is active, enter the 6-digit code sent to your email, and save your backup codes.
      </Tab>
    </Tabs>
  </Step>
</Steps>

## Logging In with 2FA

<Tabs>
  <Tab title="Authenticator App">
    Enter your email and password, then enter the 6-digit code from your authenticator app. Codes refresh every 30 seconds.
  </Tab>

  <Tab title="Email 2FA">
    Enter your email and password. A 6-digit code is sent to your registered email. Enter the code to complete login. Codes expire after a short window — request a new one if yours expires.
  </Tab>
</Tabs>

## Backup Codes

When you enable 2FA, you receive 10 single-use backup codes. Store them securely — in a password manager or printed in a safe place. Never share them.

Use a backup code if you cannot access your authenticator app or email. Each code works once only.

To generate new backup codes, go to **Security Settings → Regenerate Backup Codes**. This invalidates all previous codes.

## Disabling 2FA

<Steps>
  <Step title="Go to Security Settings">
    Log in and navigate to **Security Settings**.
  </Step>

  <Step title="Disable Two-Factor Authentication">
    Click **Disable Two-Factor Authentication**, enter your password, then enter your current 2FA code or a backup code to confirm.
  </Step>
</Steps>

<Note>
  We strongly recommend keeping 2FA enabled at all times.
</Note>

## Setting a 2FA Passphrase

A 2FA Passphrase is a phrase only you know that allows support to verify your identity and disable 2FA on your behalf if you lose access.

To set one, go to **Account Details** in the Client Portal and fill in the **2FA Passphrase** field. Keep this phrase private and memorable.

See [Lost 2FA Access](/client-portal/account-management/lost-2fa-access) for how to use it.

## Troubleshooting

**Authenticator code not working** — Ensure your device's time is accurate. 2FA codes are time-based. Wait for the next code if the current one just appeared.

**Email code not arriving** — Check your spam folder. Verify your registered email is correct and active. Request a new code if the previous one expired.

**Lost backup codes** — Log in using your authenticator or email 2FA, then go to **Security Settings** to regenerate new codes.
