Enabling and Disabling Two-Factor Authentication (2FA)
Kialo supports Two-Factor Authentication (2FA), providing an extra layer of security for your account. When you log in, if 2FA is enabled, you are required to generate a code in your authenticator app in addition to your password.
Important: Store your backup codes somewhere safe, as they are the only way to recover your account in case your 2FA device (e.g., your phone) is lost. The best practice is to print them out or store them on a USB drive, rather than the device you use to access Kialo.
How to Enable/Disable Two-Factor Authentication
To enable 2FA:
- Navigate to your User Settings page.
- Scroll down to the ‘Two-Factor Authentication’ section and click ‘Enable Two-Factor Authentication’.
- A pop-up appears. Enter your current password and click ‘Continue’.
- A QR code appears. Scan this code in your 2FA app.
- Underneath the QR code, enter the verification code which appears in your app and click ‘Continue’.
- Your backup codes appear. Save these somewhere safe.
- Once you have saved your backup codes, click ‘Finish’.
2FA is now enabled for your account. The next time you log in, you are required to enter the code generated in your app after entering your password.
To disable 2FA:
- Navigate to your User Settings page.
- Scroll down to the ‘Two-Factor Authentication’ section and click ‘Disable Two-Factor Authentication’.
- A pop-up appears. Enter your current password and click ‘Continue’.
- A confirmation message asks if you are certain you wish to disable 2FA. If you are, click ‘Disable’.
I’ve Lost My Authentication Device
If you’ve lost the device you use to generate your 2FA code, you can use a backup code to log in instead.
- Attempt to log in using your username/email and password.
- When prompted for your 2FA code, click ‘Authenticator Lost’.
- A prompt requests your backup code. Enter one of your backup codes here (each backup code is 12 characters long) and click ‘Submit’.
Note that using a backup code does not disable 2FA on your account – if you have permanently lost access to your authentication device, follow the steps in the section above to disable 2FA.