# Two-factor authentication (2FA)

## Introduction

Two-factor authentication (2FA) is a subset of multifactor authentication (MFA). It typically uses a one-time time-based passcode (TOTP) to add an extra layer of security to the user’s account. 

## How it works - technical

Generally, 2FA works as follows:

1. A secure string of letters and numbers (known as a **secret key**) is generated.
2. This string is shared with an **authenticator app** on the user’s mobile device - usually by scanning a QR code.
3. The **authenticator app** uses the **secret key**, along with the current date/time to generate a code. These codes expire after a short period of time and a new one is generated.
4. When authenticating with an application, the user is prompted to retrieve the current code from their **authenticator app** and input it into the application. If the code matches what the application has generated, the user is authenticated.

## How it works - user journey

When 2FA is enabled for your Patchworks account, you will log into the dashboard as normal with your username and password. Having entered your credentials, you are prompted to enter an authentication code, which you obtain from your authenticator app:

<div align="left"><figure><img src="/files/UkPMtgQ9aCsOg4NfuzvU" alt="" width="563"><figcaption></figcaption></figure></div>

## Need to know

To enable 2FA for your Patchworks login, you will need an authenticator app - for example (but not limited to *Google Authenticator*, *Microsoft Authenticator*, *Duo*, *Authy*).

## Enabling 2FA for your Patchworks login

To enable 2FA for Patchworks, follow the steps below:

**Step 1**\
Log into the Patchworks dashboard.

**Step 2**\
Select **settings** (from the bottom of the left-hand navigation menu):

<img src="/files/3rpkJU42llyr9BVazwhY" alt="" data-size="original">

**Step 3**\
Select **my account settings**:

<figure><img src="/files/5G9ClFUZk9mcDl0aZbxM" alt=""><figcaption></figcaption></figure>

**Step 4**\
Select the **multi-factor authentication** tab:

<div align="left"><figure><img src="/files/ZXPkHZorWZbEi6JnJcFj" alt=""><figcaption></figcaption></figure></div>

**Step 5**\
Click the **enable** button:

<figure><img src="/files/etiezkGFu16TEleWXxep" alt=""><figcaption></figcaption></figure>

...setup information is displayed with a QR code:

<figure><img src="/files/JfCeGXtYUnUI5YdIsVr9" alt=""><figcaption></figcaption></figure>

**Step 6**\
Open your preferred authenticator app and scan the QR code.&#x20;

**Step 7**\
Your authenticator app will generate a 2FA code, which you should enter in the Patchworks multi-factor authentication tab, then click **confirm:**:

<figure><img src="/files/uyW9uidWXZX1oAYpXR2z" alt=""><figcaption></figcaption></figure>

**Step 8**\
A set of recovery codes is displayed, which can be used in the event that you can't access your authenticator app for any reason. Copy these codes somewhere secure (such as a password manager).

<div align="left"><figure><img src="/files/GCduwirPf7nlEwI2fBQT" alt=""><figcaption></figcaption></figure></div>

**Step 9**\
Click the **copied** button to confirm that you've copied recovery codes - the setup is now complete:

<figure><img src="/files/QS0iIvLmK3AoF8TsOqQe" alt=""><figcaption></figcaption></figure>

The next time that you log into Patchworks, you'll be prompted to enter a 2FA code (generated by your authenticator app) before you can access the dashboard:

![](/files/F2Dh9qQoooEeC70Pp7nb)

## Disabling 2FA for your Patchworks login

To disable 2FA for Patchworks, follow the steps below:

**Step 1**\
Log into the Patchworks dashboard.

**Step 2**\
Select **settings** (from the bottom of the left-hand navigation menu):

<img src="/files/3rpkJU42llyr9BVazwhY" alt="" data-size="original">

**Step 3**\
Select **my account settings**:

<figure><img src="/files/5G9ClFUZk9mcDl0aZbxM" alt=""><figcaption></figcaption></figure>

**Step 4**\
Select the **multi-factor authentication** tab:

<figure><img src="/files/ZXPkHZorWZbEi6JnJcFj" alt=""><figcaption></figcaption></figure>

**Step 5**\
Click the **disable MFA** button:

<figure><img src="/files/DmNlWC9IfmEt441soWYR" alt=""><figcaption></figcaption></figure>

**Step 6**\
When prompted, confirm your decision:

<figure><img src="/files/ZdPzxgSsd5z47brNbTi3" alt=""><figcaption></figcaption></figure>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://doc.wearepatchworks.com/product-documentation/registration/two-factor-authentication-2fa.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.