Enable multi-factor authentication
Add a TOTP authenticator app or backup codes to your account.
Multi-factor authentication (MFA) adds a second verification step at login. HOWLOPS supports time-based one-time passwords (TOTP) compatible with any standard authenticator app.
Prerequisites
- A TOTP-compatible authenticator app installed on your phone (for example: Google Authenticator, Authy, 1Password, Bitwarden).
Enable MFA
- Go to Settings > Security.
- Click Enable two-factor authentication.
- Open your authenticator app and scan the QR code displayed.
- Alternatively, click Enter key manually and type the text key into your app.
- Enter the six-digit code generated by the app to confirm the pairing.
- Save the backup codes shown. Store them somewhere secure — each code can be used once if you lose access to your authenticator.
- Click I have saved my backup codes to finish.
MFA is now active. You will be prompted for a code at each new login.
Backup codes are shown only once. If you close the dialog without saving them, generate a new set immediately via Settings > Security > Backup codes > Regenerate.
Disable MFA
- Go to Settings > Security.
- Click Disable two-factor authentication.
- Enter your current password to confirm.
Workspace admins can enforce MFA for all members via Settings > Security > Require MFA. If enforcement is active, you cannot disable MFA on your own account.
Generate new backup codes
If you have used several backup codes or want to rotate them:
- Go to Settings > Security.
- Under Backup codes, click Regenerate.
- Enter your TOTP code to confirm.
- Save the new set — all previous codes are invalidated immediately.
Troubleshooting
If your TOTP code is rejected, ensure your device clock is accurate (TOTP is time-sensitive). See Login issues for further diagnostics.
See also
Was this page helpful?