2FA Settings
2FA Settings
Configure Two Factor Authentication for added security
Two Factor Authentication
Protect account data by adding 2FA either individually or for your whole company
Opt to receive an authentication code by email or by using an authenticator app.
Which is right for you? Want to set it up company-wide? Check out our FAQ below.
Hash based one time password (HOTP)
Authenticate Using Email
No setup required – just enable
You’ll receive a one-time login code at your work email each time you sign in
Simple: just check your inbox for the code when you log in
Backup code option – in case you can’t get email
Set and forget for companies: when you disable access to a mailbox, that user’s access to the site automatically ends
Time based one time password (TOTP)
Authenticate Using App
Use an authenticator app such as Microsoft Authenticator, Google Authenticator, or LastPass
Once set up, the app generates short codes on your phone
Built in ‘remember this device for 30 days’ option to reduce prompts
Email backup option for recovery when your phone runs out of battery
Suits studios, broadcasters, streamers or those with in-house IT teams who want maximum security and device-based authentication
You must be logged in to view 2FA settings.
2FA FAQs
Two-factor authentication adds an extra layer of protection to your account.
After entering your username or email and password, you’ll be asked for a one-time code. This confirms that it’s really you – even if someone else knows your password.
Security expectations across the industry are rising.
2FA helps protect sensitive production information and ensures that only authorised users can access client materials. It’s part of our commitment to meeting current best-practice cybersecurity standards.
Yes. Any user can enable 2FA at any time for extra protection – it’s strongly encouraged for all accounts.
However, if your organisation mandates a specific 2FA method for its email domain, those corporate settings will take precedence over any individual preference. This ensures consistent security compliance across all users from the same company.
2FA is available to everyone, but may be required for users logging in with certain company domains.
Freelancers and individual users can still enable 2FA voluntarily for added protection.
We offer two secure login options, depending on your organisation’s preference:
Email-based 2FA
- You’ll receive a one-time login code at your work email each time you sign in.
- No setup required – just check your inbox for the code.
- If your company disables your mailbox, your access to the site automatically ends.
Authenticator App (TOTP-based)
- You’ll use an authenticator app such as Microsoft Authenticator, Google Authenticator, or OnePass.
- Once set up, the app generates short codes on your phone.
- You can choose to ‘remember this device’ for 30 days to reduce prompts.
- An email backup option is available for recovery.
Your company’s IT policy decides which method applies to your domain and you’ll be guided through setup the first time you log in. If no corporate policy is enforced, you’re free to choose your preferred 2FA method.
When you first log in, you’ll be asked to configure 2FA.
- Email users simply receive a one-time code after login.
- Authenticator users will scan a QR code using their chosen app and confirm the code once.
After setup, you’ll sign in using your password plus your 2FA code.
Configuring 2FA
Setting up and using two-factor authentication (2FA) is very easy; simply follow the wizard. This guide offers a detailed walk-through of the process.
- Launch the Wizard: click the Configure 2FA button
- Select a 2FA method: there are several 2FA authentication methods to choose from and your company may have made one or more available to you
- Configure your selected 2FA method – you’ll find all of the instructions for what you need to do to set up your chosen 2FA authentication method
- Verify your 2FA configuration – enter the one-time code generated from your app / email for verification (and if you change 2FA authentication method you’ll need to re-authenticate with that method)
- Configure your alternative 2FA method: if alternative 2FA methods have been made available to you, you can set them up now (alternative 2FA methods enable you to log in even if your primary 2FA method becomes unavailable, for example, your phone runs out of battery)
The next time you try to log in, you’ll be prompted to enter your 2FA code after entering your username and password.
If your organisation updates its security policy – such as switching from email codes to an authenticator app – you’ll be prompted to update your 2FA settings the next time you log in. You won’t lose access; you’ll just need to follow the new setup instructions.
If access is linked to a corporate email account and your company disables or reassigns your email address, your login will no longer work.
Please contact your company’s IT administrator if you believe this is in error.
Use your backup email option or recovery codes if available.
If you can’t recover access, contact us for identity verification and reset assistance.
If you’re using a corporate client email address, only if your company’s security policy allows it.
If both methods are permitted, you can switch under My Account > Account Details > Configure 2FA. If your organisation mandates a specific method for your domain, that setting will automatically override personal choices.
You can tailor 2FA to match your company’s security requirements and IT environment. You have two main configuration options for your team’s accounts:
Email-based 2FA (corporate-controlled access)
- A one-time login code is sent to each user’s work email every time they sign in.
- No setup or training required: users just check their inbox.
- If you deactivate a mailbox (or prevent a user’s access to it), that user automatically loses access.
- Ideal for productions that need a simple, low-maintenance solution where access is tied to an active corporate email.
Email 2FA fits productions where crew access should follow active work email accounts – simple, secure, and automatic. It’s a “just works” approach tied to access to company email accounts.
Authenticator App (TOTP-based 2FA)
- Users log in with a short code from an authenticator app such as Microsoft Authenticator, Google Authenticator, or OnePass.
- Devices are set up to be trusted for 30 days to reduce prompts.
- Slightly more setup for the user, but stronger protection and flexibility for teams using managed devices or remote workers.
- A backup email option is available for recovery – for example phone lost or no battery.
Authenticator 2FA suits studios, broadcasters, streamers etc with managed devices and a higher security baseline, or those with in-house IT teams who want maximum security and device-based authentication.
Summary
Whichever method best fits your needs, once it’s set up whenever a user on your corporate email domain registers or logs in, the 2FA method you have chosen applies to them automatically. If you want 2FA applied to all users on your domain, please contact us.
| Requirement | Best Option | Notes |
|---|---|---|
| Simple to manage, access ends with mailbox | Email 2FA | Zero setup for users |
| Stronger security, 30-day trusted devices | Authenticator (TOTP) | Requires app setup by user |
For login or 2FA issues, please contact us.
For corporate policy or email-domain enforcement queries, please contact your organisation’s IT department.
Configuring 2FA Apps
This site supports a wide variety of 2FA authentication apps. This explains how to use some of the most popular authentication apps when setting up your 2FA.
- Launch the Authy application. Select the menu icon from the upper right hand corner of the screen and choose “Add Account” from the available menu items.
- Choose to scan the QR code the plugin provides with your device’s camera or enter your verification code manually.
- Once you have scanned / entered the code, you will be allowed to give your new account a unique nickname and icon. This helps when you have multiple accounts set up within the Authy app. To continue, hit Save, and you will be given your new authentication token.
- In the 2FA setup wizard, continue to the next step and enter this code into the “Authentication Code” field.
- Once submitted, your code is verified and you have successfully added an important layer of protection to your account.
- Tap the “+” icon in the app home screen in the lower right corner of the screen.
- The app will prompt you to scan the QR code or enter the code manually. Scan / enter the code provided in our setup wizard.
- You will be redirected to the app home screen where you can see all your 2FA codes. If you have other accounts on the app, the new account will be at the bottom of the list.
- You can now return to the 2FA setup wizard and enter the code into the “Authentication Code” field. Once submitted, the plugin verifies your code and you’re done.
- From the app home screen, hit the “Add Account” button in the main app area.
- Sspecify what type of account you are adding which helps keep your accounts organised, and then you will be asked to scan the QR code the plugin provides or manually enter the code.
- After you scan / enter the code provided, you will be taken back to the home screen where your newly added account will be listed. Click it to reveal your verification code.
- Enter this code into the “Authentication Code” field in the wizard. Once verified, you will have successfully added 2FA protection to your account.
- From the application’s home screen, select the “+” icon in the upper right-hand corner of the screen.
- Scan the QR code or choose “No Barcode” and enter the code manually. Once you enter the code, you will be shown the account details on screen.
- Edit the user name and assign an icon to help recognise the account easily. Once you have finished editing the details, hit the Save (tick) icon in the upper right corner of the screen.
- You will now see your new verification code. Enter that into the “Authentication Code” field in the wizard. Once verified you will have successfully added 2FA protection to your account.
- Select “New Account” from the app’s home screen.
- Select whether you would like to scan the QR code on teh screen or enter the code manually.
- Once you have scanned / entered the code, you will see the verification code needed to configure 2FA for your account.
- Enter the code into the “Authentication Code” field provided within the wizard and hit “Finish” to verify.
Although FreeOPT doesn’t have all the features of some of the other apps, it’s still perfectly capable and a breeze to set up.
- Select the QR icon at the upper centre of your app home screen or enter the code manually.
- The newly added account will be listed in the FreeOTP app home screen.
- Select the account to reveal your one-time password.
- Enter this code into the “Authentication Code” field provided within the plugin wizard.
- Hit “Finish” to verify your code.
- Click the “+” icon in the lower right corner.
- In the next screen screen you can either scan the QR code provided in the wizard or enter the code manually by clicking “no barcode”.
- Your new profile is be setup and ready to use: you can give it a unique name which can help if you have multiple logins.
