# Two-Factor Authentication (2FA) Two-factor authentication adds an extra layer of security to your CrowdWork account by requiring a one-time code from your authenticator app when you sign in. This prevents unauthorized access even if someone obtains your password. {% hint style="success" %} **Enhanced Security:** With 2FA enabled, signing into your account requires both your password AND a code from your authenticator app, making your account significantly more secure. {% endhint %} ### What You'll Need Before enabling 2FA, make sure you have: * Any TOTP-compatible authenticator app installed on your mobile device. * [Google Authenticator](https://support.google.com/accounts/answer/1066447) (iOS/Android) * [Microsoft Authenticator](https://www.microsoft.com/en-us/security/mobile-authenticator-app) (iOS/Android) * [Apple Passwords app](https://support.apple.com/en-us/120758) (iOS 18+) * other popular apps: [Ente](https://ente.io/auth/), [StepTwo](https://steptwo.app/), [OneAuth](https://www.zoho.com/accounts/oneauth/), [Bitwarden](https://bitwarden.com/products/authenticator/), [Authy](https://authy.com/), [2FAs](https://2fas.com/) * Access to your current CrowdWork account/password * About 2-3 minutes to complete setup *** ### Enabling Two-Factor Authentication #### Step 1: Access Settings You can enable 2FA from two locations: **Option A: From Dashboard Notification** If you see the "Secure Your Account" notification on your Dashboard:
Secure Your Account notification with Enable 2FA button on the Dashboard
1. Click the **Enable 2FA** button in the notification 2. Skip ahead to [Step 2: Scan QR Code](#step-2-scan-qr-code) **Option B: From User Settings** To access settings from anywhere in your account:
Email dropdown menu showing Settings option
1. Click your **email address** in the top-right corner 2. Select **Settings** from the dropdown menu 3. Scroll down to the **Two-Factor Authentication** section
Two-Factor Authentication section in User Settings with Enable 2FA button
4. Click the **Enable 2FA** button #### Step 2: Scan QR Code After clicking Enable 2FA, you'll see the setup screen:
2FA setup screen showing QR code and verification code entry
1. **Open your authenticator app** on your mobile device 2. **Scan the QR code** displayed on screen * Look for an "Add" or "+" button in your authenticator app * Select "Scan QR code" or "Scan barcode" * Point your camera at the QR code on your computer screen {% hint style="info" %} **Can't scan the QR code?** Click the copy button near the "Manual secret" then paste the code into your authenticator app instead. Keep this secret safe - it can be used to set up your authenticator on a new device if needed. {% endhint %} #### Step 3: Verify & Enable After adding CrowdWork to your authenticator app: 1. Your authenticator app will display a **6-digit code** that changes every 30 seconds 2. **Enter the current 6-digit code** in the verification boxes 3. Click **Verify & Enable 2FA** to complete setup {% hint style="success" %} **Setup Complete!** Two-factor authentication is now active on your account. You'll need to enter a code from your authenticator app each time you sign in. {% endhint %} *** ### Using Two-Factor Authentication #### Signing In With 2FA Once 2FA is enabled, your sign-in process includes an extra step: 1. Go to [crowdwork.com/users/sign\_in](https://crowdwork.com/users/sign_in) 2. Enter your **email address** and **password** as usual 3. You'll be prompted for your **authentication code**
Sign-in screen prompting for 2FA authentication code
4. Open your authenticator app and enter the current **6-digit code** 5. Click **Sign In** to complete the process {% hint style="warning" %} **Authentication codes expire quickly:** Each code is only valid for about 30 seconds. If you see the code timer running out in your app, wait for a fresh code before entering it. {% endhint %} #### Troubleshooting Sign-In Issues **Code not working?** * Make sure you're entering the current code from your authenticator app * Wait for a fresh code if the timer is almost expired * Check that your device's time is set correctly (authenticator apps rely on accurate time) * Verify you're entering the code for the correct account **Lost access to your authenticator app?** * Contact [CrowdWork support](/contacting-support.md) for assistance recovering your account * We'll need to verify your identity before disabling 2FA *** ### Managing Two-Factor Authentication #### Checking 2FA Status To verify if 2FA is enabled on your account: 1. Click your **email address** in the top-right corner 2. Select **Settings** 3. Scroll to the **Two-Factor Authentication** section 4. You'll see either: * **"Enable 2FA"** button if 2FA is disabled * **"Enabled"** badge with **"Disable 2FA"** button if 2FA is active
Two-Factor Authentication section showing Enabled status with Disable 2FA button
#### Disabling Two-Factor Authentication {% hint style="danger" %} **Security Note:** Disabling 2FA reduces your account security. Only disable it if absolutely necessary. {% endhint %} To turn off 2FA: 1. Navigate to **Settings** (click your email address → Settings) 2. Find the **Two-Factor Authentication** card 3. Click the **Disable 2FA** button 4. Confirm you want to disable two-factor authentication Once disabled, you'll only need your password to sign in. #### Setting Up 2FA on a New Device If you get a new phone or need to set up 2FA on a different device: **Option 1: Transfer via authenticator app** * Most authenticator apps support transferring accounts to new devices * Check your app's documentation for specific transfer instructions **Option 2: Disable and re-enable 2FA** 1. [Disable 2FA](#disabling-two-factor-authentication) on your account 2. Install your authenticator app on your new device 3. [Enable 2FA](#enabling-two-factor-authentication) again and scan the new QR code **Option 3: Use the manual secret** * If you saved the secret code from initial setup, enter it into your authenticator app on the new device * This recreates your 2FA setup without needing to disable and re-enable *** ### Best Practices #### Keep Your Account Secure * **Save the secret code** when enabling 2FA - store it securely like a password * **Don't share your authentication codes** - they're as sensitive as passwords * **Keep your authenticator app backed up** - many apps offer cloud backup features * **Use a password manager** - secure your password alongside your 2FA backup #### If You Lose Access If you lose access to your authenticator app: 1. Try recovering using your authenticator app's backup features 2. If you saved your secret code, enter it into a new authenticator app 3. If neither works, [contact support](/contacting-support.md) for account recovery assistance {% hint style="danger" %} **Account Recovery:** For security reasons, we'll need to verify your identity before helping disable 2FA. This process protects your account from unauthorized access. {% endhint %} *** ### Frequently Asked Questions **Q: Is 2FA required for my CrowdWork account?**\ A: No, 2FA is optional but highly recommended. It significantly increases your account security. **Q: Can I use the same authenticator app for multiple CrowdWork accounts?**\ A: Yes! Most authenticator apps support renaming the account inside their app. This can help you distinguish between your different CrowdWork accounts. **Q: Can I use an authenticator app that I already have?**\ A: Yes! All authenticator apps we've tested support adding accounts for different websites. You can add your CrowdWork account and will see it listed alongside all your codes in the app. **Q: Will 2FA work on mobile devices?**\ A: Yes, 2FA works on any device where you can access your authenticator app to get codes. **Q: Do you support SMS or text message codes for sign-in?**\ A: Currently, we only support two-factor authentication using authenticator apps, as this is a more secure method than SMS or text messaging. **Q: Can I temporarily disable 2FA?**\ A: Yes, you can [disable 2FA](#disabling-two-factor-authentication) at any time from your Settings page. **Q: What if I see an "Invalid code" error?**\ A: This usually means: * The code expired (wait for a fresh code) * Your device time is incorrect (check your device clock) * You're entering the code for the wrong account (verify in your authenticator app) *** ### Need Help? If you encounter issues with two-factor authentication: * **Can't scan QR code?** Use the manual secret option instead * **Codes not working?** Check that the time on your device's clock is accurate * **Lost authenticator access?** [Contact support](/contacting-support.md) for recovery help * **General questions?** Reach out to our [support team](/contacting-support.md) We're here to help keep your account secure so the shows can go on! --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.crowdwork.com/account-and-security/two-factor-authentication-2fa.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.