# Enable two-factor authentication (2FA) Two-factor authentication (2FA) adds an extra layer of protection to your Databox account. It requires two forms of verification: something you know (your email and password) and something you have (a temporary code sent to your phone or generated by an authenticator app). By combining these two factors, 2FA makes it much harder for unauthorized users to gain access, even if your password is compromised. ## Enable two-factor authentication 1. Go to [Account Management > Profile.](https://account.databox.com/profile) 2. Under **Password & Security** section, click **Enable**. 3. **Choose an authentication method** and click **Select option.** - **Authenticator app** — Scan the QR code with an authenticator app (Google Authenticator, Duo Mobile, etc.) and confirm by entering the code generated by the app. After setup, download your **recovery codes** and store them in a safe place. These can be used if you lose access to your authenticator app. - **Text message (SMS)** — Enter your phone number and confirm by entering the code sent to your device. If you don't receive the message, click **Resend code** to request a new one. 4. Once the code is verified, two-factor authentication will be enabled on your account. 2fa-setup SMS delivery for two-factor authentication is only supported in approved countries to prevent fraud and ensure secure message delivery. If SMS delivery isn't available in your country, choose the authenticator app option instead. ### ![lock](/assets/lock.2fb1bbc208afcc03d15a0a45f22bdf7f830322016e038e5721965851130807af.419bb737.svg) Require two-factor authentication for all users Account administrators can enforce two-factor authentication for every user in the account. In agency accounts, this setting applies only to agency account users — client users are not affected. To require 2FA for all users: 1. Go to [Account Management > Advanced security > Two-factor authentication.](https://account.databox.com/security/two-factor) 2. Switch on the **Require two-factor authentication for all users** toggle. 3. Confirm in the pop-up by clicking **Yes**. ## Disable two-factor authentication 1. Go to [Account Management > Profile.](https://account.databox.com/profile) 2. Under **Password & Security** section, click **Disable**. 3. **Enter your current two-factor authentication code** from your authenticator app or SMS to confirm. 4. Once the code is verified, two-factor authentication will be disabled on your account. No. You'll need to choose one verification method, since only one can be active at a time. If you enabled 2FA with an authenticator app, you can sign in using one of your **recovery codes**. If you can't use a recovery code, or if you lose access to your phone number when using SMS, contact Databox Support to verify your identity and regain access. Any standard authenticator app that supports TOTP (time-based one-time password) works, such as Google Authenticator and Duo Mobile.   Ask Genie Get instant answers or help with your data using the in-app AI assistant. Talk to an expert For customers: Get help with your setup, strategy, or making the most of Databox. Book a demo New to Databox? See how it works and get guidance on getting started. Send an email Reach out to support for help with your account, data, or technical issues.