Two-factor authentication
Two-factor authentication (2FA) adds an extra layer of security to your account. When enabled, signing in requires both your password and a time-based one-time code (TOTP) from an authenticator app.
2FA is set per account, not per workspace — enabling it protects your sign-in everywhere.
Setting up 2FA
- Click your name at the bottom of the sidebar, open Settings, and go to the Security tab
- Click Enable 2FA
- Scan the QR code with your authenticator app (Google Authenticator, Authy, 1Password, or similar) — or enter the setup key manually if you can't scan
- Enter the 6-digit code from your app to confirm
2FA isn't active until you confirm with a valid code, so you can't lock yourself out mid-setup.
Signing in with 2FA
Once 2FA is enabled, the sign-in flow adds one step:
- Enter your email and password as usual
- You're prompted for a verification code
- Open your authenticator app and enter the current 6-digit code
- You're signed in
Disabling 2FA
- Go to Settings, then the Security tab
- Click Disable 2FA and confirm
You can re-enable it at any time; you'll go through setup again with a fresh QR code.
If you're locked out
If you lose access to your authenticator app, email support@mcp.agentic-accounting.com from the email address on your account and we'll help you recover it. Consider storing your authenticator's own backup (most apps support encrypted backups or multi-device sync) so this doesn't happen.
Do I need 2FA?
2FA isn't required, but we strongly recommend it — especially for workspace owners, whose accounts control team membership, billing, API keys, and webhooks. It takes a few minutes to set up and significantly reduces the risk of unauthorized access.
Next steps
Learn about plans and billing to manage your subscription.