How to Enable Two-Factor Authentication
Two-factor authentication (2FA) adds an extra layer of security by requiring a second verification step when logging in.
Setting Up 2FA for Your Account
Go to Profile → Security (click your avatar in the top right, then Security)Find the Two-Factor Authentication sectionClick Enable 2FAChoose your method:Authenticator App (Recommended)
Download an authenticator app (Google Authenticator, Authy, or Microsoft Authenticator)Scan the QR code displayed on screen with your authenticator appEnter the 6-digit code from the app to verifySave your backup codes in a secure location — these let you log in if you lose access to your authenticator appSMS Verification
Confirm your phone numberEnter the verification code sent via SMSSave your backup codesLogging In with 2FA
After entering your email and password:
You will be prompted for a verification codeOpen your authenticator app and enter the current 6-digit codeOptionally check Remember this device for 30 days to skip 2FA on trusted devicesRequiring 2FA for All Staff
Clinic owners can enforce 2FA for all team members:
Go to Settings → SecurityToggle Require 2FA for all usersStaff members will be prompted to set up 2FA on their next loginUsers who do not complete setup within 7 days will be unable to log in until they doManaging Backup Codes
Each setup generates 10 single-use backup codesUse a backup code instead of the authenticator code if you lose your deviceTo generate new backup codes: Profile → Security → Regenerate Backup CodesOld codes are invalidated when new ones are generatedDisabling 2FA
Go to Profile → SecurityClick Disable 2FAEnter your password to confirm2FA is removed from your accountNote: If the clinic requires 2FA for all users, individual users cannot disable it.
For password management, see How to Change Your Password. For team security, see User Management.