Add an extra layer of security to your Guildbase account with two-factor authentication (2FA). Protect your account even if your password is compromised.
What is Two-Factor Authentication?
Two-factor authentication requires two forms of verification to access your account: something you know (your password) and something you have (your phone or security key). This means even if someone steals your password, they can't access your account without the second factor.
Authenticator App
Use apps like Google Authenticator or Authy
Recovery Codes
Backup codes if you lose your device
Setting Up 2FA
- Go to Account Settings → Security
- Click Enable Two-Factor Authentication
- Open your authenticator app (Google Authenticator, Authy, 1Password, etc.)
- Scan the QR code displayed on screen
- Enter the 6-digit code from your app to verify
- Save your recovery codes in a safe place
Screenshot: QR code setup screen
Recommended Authenticator Apps
| App | Platform | Features |
|---|---|---|
| Google Authenticator | iOS, Android | Simple, free, no account required |
| Authy | iOS, Android, Desktop | Cloud backup, multi-device sync |
| 1Password | All platforms | Integrated with password manager |
| Microsoft Authenticator | iOS, Android | Cloud backup, passwordless sign-in |
Pro Tip
Choose an authenticator with cloud backup (like Authy) so you don't lose access if you change phones. Without backup, you'll need recovery codes.
Recovery Codes
When you enable 2FA, you'll receive recovery codes. These are single-use codes that let you access your account if you lose your authenticator device.
Critical
Store your recovery codes somewhere safe — a password manager, printed copy in a secure location, or encrypted file. If you lose both your authenticator and recovery codes, you may be locked out permanently.
Recovery Code Best Practices
- Store them in a password manager
- Keep a printed copy in a secure location
- Don't store them on the same device as your authenticator
- Don't share them with anyone
- Generate new codes after using any
Signing In with 2FA
After enabling 2FA, signing in requires an extra step:
- Enter your email and password as normal
- Open your authenticator app
- Enter the 6-digit code displayed
- You're now signed in
Note
Codes refresh every 30 seconds. If your code is about to expire, wait for the next one to ensure it doesn't expire while you're typing.
Lost Your Device?
If you lose access to your authenticator:
- On the 2FA screen, click Use recovery code
- Enter one of your saved recovery codes
- Once signed in, go to Security settings
- Disable 2FA, then re-enable with your new device
- Generate and save new recovery codes
Disabling 2FA
To disable two-factor authentication:
- Go to Account Settings → Security
- Click Disable Two-Factor Authentication
- Enter your current 2FA code to confirm
- 2FA will be removed from your account
Security Warning
Disabling 2FA makes your account less secure. Only disable it if you're immediately going to re-enable with a new device, or if absolutely necessary.
Troubleshooting
Code Not Working
Ensure your device's clock is accurate. TOTP codes are time-based, so even a minute of drift can cause failures. Enable automatic time sync on your phone.
Lost Recovery Codes
If you still have access to your account, go to Security settings and generate new recovery codes. Always save them immediately.
Completely Locked Out
If you've lost both your authenticator and recovery codes, contact our support team. We'll need to verify your identity before restoring access.