Turning on two-factor authentication

Why bother

Two-factor authentication (2FA) means signing in needs two things: your password plus a 6-digit code from an authenticator app on your phone. If your password ever leaked (a breach somewhere else where you reused it, a phishing email), 2FA stops the attacker from getting any further.

It's the single best thing you can do to protect your Vontra account.

What you'll need

An authenticator app on your phone. We support any standard TOTP app — popular free ones:

• Google Authenticator (iOS / Android)
• Microsoft Authenticator (iOS / Android)
• 1Password (if you already use it)
• Authy (iOS / Android)

You don't need a paid plan and you don't need to give us your phone number.

Setting it up

1. Settings → Account → Two-factor authentication → Set up.
2. Scan the QR code on screen with your authenticator app.
3. The app starts showing a 6-digit code that rotates every 30 seconds.
4. Type the current code into Vontra and click Verify.
5. Save the backup codes we show you somewhere safe (password manager, printout in a drawer) — these are the way back in if you lose your phone.

Done. From your next sign-in, after your password, we'll ask for the code.

Signing in with 2FA on

1. Enter your email and password as usual.
2. We prompt you for the 6-digit code from your app.
3. Tap Verify.

The code only works for ~30 seconds — if it expires while you're typing, just use the next one.

Lost your phone?

Sign in using a backup code (instead of the live code from the app). Each backup code only works once. After you're in, head back to Settings → Account → Two-factor authentication to re-enrol with a new device and generate fresh backup codes.

Turning it off

You can disable 2FA at any time from Settings → Account → Two-factor authentication → Disable. We strongly recommend keeping it on.