Two factor authentication (2FA)

What is 2FA?

2FA means two factor authentication and is essential to web security because it immediately neutralizes the risks associated with compromised passwords. If a password is hacked, guessed, or even phished, that's no longer enough to give an intruder access: without approval at the second factor, a password alone is useless. With two-factor authentication, you'll protect your account with both password and a code from your phone. A mobile authentication app (like Google Authenticator) is needed to activate and use two-factor authentication, so make sure to download this before activating the 2FA. 

To activate 2FA, after you've logged in, click in the top right of your window on your account-name, and then on 'My profile'.

On this screen you'll find 'Account security', with 2FA as the second option. 

Click on 'activate two-factor authentication'. The following window will pop up. 

Scan the QR code with a mobile authentication app (like Google Authenticator) to activate two-factor authentication, or enter the secret mentioned below manually. Fill in your current password and click on 'verify'. 

Now you've set up your 2FA. A window will pop up with this confirmation and a list of recovery codes (see image below). Make sure you copy and store the received recovery codes safely, if you ever lose access to your phone, you can use these to log in (each code can only be used once). 

These codes are an example, please don't use these codes. 

The next time when you log in, you will see the following screen. A verification code will now be needed to log in.