# Two-Factor Authentication (2FA) Two-factor authentication adds an extra layer of security to your CrowdWork account by requiring a one-time code from your authenticator app when you sign in. This prevents unauthorized access even if someone obtains your password. {% hint style="success" %} **Enhanced Security:** With 2FA enabled, signing into your account requires both your password AND a code from your authenticator app, making your account significantly more secure. {% endhint %} ### What You'll Need Before enabling 2FA, make sure you have: * Any TOTP-compatible authenticator app installed on your mobile device. * [Google Authenticator](https://support.google.com/accounts/answer/1066447) (iOS/Android) * [Microsoft Authenticator](https://www.microsoft.com/en-us/security/mobile-authenticator-app) (iOS/Android) * [Apple Passwords app](https://support.apple.com/en-us/120758) (iOS 18+) * other popular apps: [Ente](https://ente.io/auth/), [StepTwo](https://steptwo.app/), [OneAuth](https://www.zoho.com/accounts/oneauth/), [Bitwarden](https://bitwarden.com/products/authenticator/), [Authy](https://authy.com/), [2FAs](https://2fas.com/) * Access to your current CrowdWork account/password * About 2-3 minutes to complete setup *** ### Enabling Two-Factor Authentication #### Step 1: Access Settings You can enable 2FA from two locations: **Option A: From Dashboard Notification** If you see the "Secure Your Account" notification on your Dashboard:

Secure Your Account notification with Enable 2FA button on the Dashboard

1. Click the **Enable 2FA** button in the notification 2. Skip ahead to [Step 2: Scan QR Code](#step-2-scan-qr-code) **Option B: From User Settings** To access settings from anywhere in your account:

Email dropdown menu showing Settings option

1. Click your **email address** in the top-right corner 2. Select **Settings** from the dropdown menu 3. Scroll down to the **Two-Factor Authentication** section

Two-Factor Authentication section in User Settings with Enable 2FA button

4. Click the **Enable 2FA** button #### Step 2: Scan QR Code After clicking Enable 2FA, you'll see the setup screen:

2FA setup screen showing QR code and verification code entry

1. **Open your authenticator app** on your mobile device 2. **Scan the QR code** displayed on screen * Look for an "Add" or "+" button in your authenticator app * Select "Scan QR code" or "Scan barcode" * Point your camera at the QR code on your computer screen {% hint style="info" %} **Can't scan the QR code?** Click the copy button near the "Manual secret" then paste the code into your authenticator app instead. Keep this secret safe - it can be used to set up your authenticator on a new device if needed. {% endhint %} #### Step 3: Verify & Enable After adding CrowdWork to your authenticator app: 1. Your authenticator app will display a **6-digit code** that changes every 30 seconds 2. **Enter the current 6-digit code** in the verification boxes 3. Click **Verify & Enable 2FA** to complete setup {% hint style="success" %} **Setup Complete!** Two-factor authentication is now active on your account. You'll need to enter a code from your authenticator app each time you sign in. {% endhint %} *** ### Using Two-Factor Authentication #### Signing In With 2FA Once 2FA is enabled, your sign-in process includes an extra step: 1. Go to [crowdwork.com/users/sign\_in](https://crowdwork.com/users/sign_in) 2. Enter your **email address** and **password** as usual 3. You'll be prompted for your **authentication code**

Sign-in screen prompting for 2FA authentication code

4. Open your authenticator app and enter the current **6-digit code** 5. Click **Sign In** to complete the process {% hint style="warning" %} **Authentication codes expire quickly:** Each code is only valid for about 30 seconds. If you see the code timer running out in your app, wait for a fresh code before entering it. {% endhint %} #### Troubleshooting Sign-In Issues **Code not working?** * Make sure you're entering the current code from your authenticator app * Wait for a fresh code if the timer is almost expired * Check that your device's time is set correctly (authenticator apps rely on accurate time) * Verify you're entering the code for the correct account **Lost access to your authenticator app?** * Contact [CrowdWork support](https://docs.crowdwork.com/contacting-support) for assistance recovering your account * We'll need to verify your identity before disabling 2FA *** ### Managing Two-Factor Authentication #### Checking 2FA Status To verify if 2FA is enabled on your account: 1. Click your **email address** in the top-right corner 2. Select **Settings** 3. Scroll to the **Two-Factor Authentication** section 4. You'll see either: * **"Enable 2FA"** button if 2FA is disabled * **"Enabled"** badge with **"Disable 2FA"** button if 2FA is active

Two-Factor Authentication section showing Enabled status with Disable 2FA button

#### Disabling Two-Factor Authentication {% hint style="danger" %} **Security Note:** Disabling 2FA reduces your account security. Only disable it if absolutely necessary. {% endhint %} To turn off 2FA: 1. Navigate to **Settings** (click your email address → Settings) 2. Find the **Two-Factor Authentication** card 3. Click the **Disable 2FA** button 4. Confirm you want to disable two-factor authentication Once disabled, you'll only need your password to sign in. #### Setting Up 2FA on a New Device If you get a new phone or need to set up 2FA on a different device: **Option 1: Transfer via authenticator app** * Most authenticator apps support transferring accounts to new devices * Check your app's documentation for specific transfer instructions **Option 2: Disable and re-enable 2FA** 1. [Disable 2FA](#disabling-two-factor-authentication) on your account 2. Install your authenticator app on your new device 3. [Enable 2FA](#enabling-two-factor-authentication) again and scan the new QR code **Option 3: Use the manual secret** * If you saved the secret code from initial setup, enter it into your authenticator app on the new device * This recreates your 2FA setup without needing to disable and re-enable *** ### Best Practices #### Keep Your Account Secure * **Save the secret code** when enabling 2FA - store it securely like a password * **Don't share your authentication codes** - they're as sensitive as passwords * **Keep your authenticator app backed up** - many apps offer cloud backup features * **Use a password manager** - secure your password alongside your 2FA backup #### If You Lose Access If you lose access to your authenticator app: 1. Try recovering using your authenticator app's backup features 2. If you saved your secret code, enter it into a new authenticator app 3. If neither works, [contact support](https://docs.crowdwork.com/contacting-support) for account recovery assistance {% hint style="danger" %} **Account Recovery:** For security reasons, we'll need to verify your identity before helping disable 2FA. This process protects your account from unauthorized access. {% endhint %} *** ### Frequently Asked Questions **Q: Is 2FA required for my CrowdWork account?**\ A: No, 2FA is optional but highly recommended. It significantly increases your account security. **Q: Can I use the same authenticator app for multiple CrowdWork accounts?**\ A: Yes! Most authenticator apps support renaming the account inside their app. This can help you distinguish between your different CrowdWork accounts. **Q: Can I use an authenticator app that I already have?**\ A: Yes! All authenticator apps we've tested support adding accounts for different websites. You can add your CrowdWork account and will see it listed alongside all your codes in the app. **Q: Will 2FA work on mobile devices?**\ A: Yes, 2FA works on any device where you can access your authenticator app to get codes. **Q: Do you support SMS or text message codes for sign-in?**\ A: Currently, we only support two-factor authentication using authenticator apps, as this is a more secure method than SMS or text messaging. **Q: Can I temporarily disable 2FA?**\ A: Yes, you can [disable 2FA](#disabling-two-factor-authentication) at any time from your Settings page. **Q: What if I see an "Invalid code" error?**\ A: This usually means: * The code expired (wait for a fresh code) * Your device time is incorrect (check your device clock) * You're entering the code for the wrong account (verify in your authenticator app) *** ### Need Help? If you encounter issues with two-factor authentication: * **Can't scan QR code?** Use the manual secret option instead * **Codes not working?** Check that the time on your device's clock is accurate * **Lost authenticator access?** [Contact support](https://docs.crowdwork.com/contacting-support) for recovery help * **General questions?** Reach out to our [support team](https://docs.crowdwork.com/contacting-support) We're here to help keep your account secure so the shows can go on!