Two-factor authentication (2FA) adds an extra layer of security to your Featul account. Even if someone obtains your password, they cannot access your account without the second factor.

What is Two-Factor Authentication?

Two-factor authentication requires two different methods to verify your identity:
  1. Something you know - Your password
  2. Something you have - Your authenticator app or device
Featul uses time-based one-time passwords (TOTP) for 2FA, which are generated by authenticator apps on your phone or computer.
Two-factor authentication is optional but strongly recommended for all accounts, especially workspace administrators.

Setting Up Two-Factor Authentication

Prerequisites

Before enabling 2FA, you’ll need:
  • An authenticator app installed on your phone or computer
  • Access to your Featul account
  • Your current password
Examples of authenticator apps:
  • Google Authenticator (iOS, Android)
  • Microsoft Authenticator (iOS, Android)
  • Authy (iOS, Android, Desktop)
  • 1Password (with TOTP support)
  • Bitwarden (with TOTP support)
Use an authenticator app that supports cloud backup (like Authy or 1Password) to avoid losing access if you lose your device.

Enable 2FA

To enable two-factor authentication:
  1. Sign in to your Featul account
  2. Navigate to account settings
  3. Go to the “Security” section
  4. Click “Enable Two-Factor Authentication”
  5. Confirm your password
  6. Scan the QR code with your authenticator app
    • Or manually enter the secret key if QR scanning isn’t available
  7. Enter the 6-digit code from your authenticator app
  8. Save your backup codes in a secure location
  9. Click “Enable” to activate 2FA
Save your backup codes immediately after enabling 2FA. Store them in a secure location separate from your authenticator app. These codes are your only recovery method if you lose access to your authenticator.

Backup Codes

When you enable 2FA, Featul generates backup codes:
  • You receive multiple single-use backup codes
  • Each code can only be used once
  • Store them in a secure location (password manager, encrypted file, safe)
  • Never share backup codes with anyone
  • Generate new codes if you use most of them
Print your backup codes and store them in a physically secure location, or save them in your password manager.

Signing In with Two-Factor Authentication

Once 2FA is enabled, your sign-in process changes:
  1. Enter your email and password as usual
  2. Complete email verification (if using email/password)
  3. Open your authenticator app
  4. Enter the 6-digit TOTP code
  5. Click “Verify” to complete sign-in
TOTP codes expire every 30 seconds. If a code doesn’t work, wait for a new code to generate.

Using Backup Codes

If you don’t have access to your authenticator app:
  1. Click “Use backup code” during 2FA verification
  2. Enter one of your saved backup codes
  3. Complete sign-in
  4. The backup code is now used and cannot be reused
Each backup code works only once. Keep track of which codes you’ve used and generate new ones when running low.

Managing Two-Factor Authentication

Viewing Backup Codes

To view your backup codes:
  1. Sign in to your account
  2. Go to security settings
  3. Navigate to “Two-Factor Authentication”
  4. Click “View Backup Codes”
  5. Confirm your password

Generating New Backup Codes

If you’ve used several backup codes:
  1. Go to security settings
  2. Navigate to “Two-Factor Authentication”
  3. Click “Generate New Backup Codes”
  4. Confirm your password
  5. Save the new codes securely
Generating new backup codes invalidates all previous backup codes. Make sure to save the new codes before closing the page.

Resetting 2FA Device

If you get a new phone or reinstall your authenticator app:
  1. Sign in to Featul (using a backup code if necessary)
  2. Go to security settings
  3. Click “Reset Two-Factor Authentication”
  4. Confirm your password
  5. Scan the new QR code with your authenticator app
  6. Save new backup codes

Disabling Two-Factor Authentication

To disable 2FA:
  1. Sign in to your account
  2. Go to security settings
  3. Navigate to “Two-Factor Authentication”
  4. Click “Disable Two-Factor Authentication”
  5. Confirm your password
  6. Enter a TOTP code or backup code
  7. Confirm the action
Disabling 2FA makes your account less secure. Only disable 2FA if absolutely necessary, and consider re-enabling it as soon as possible.

Security Best Practices

Protect Your Authenticator

  • Use a device PIN or biometric lock
  • Don’t screenshot TOTP codes
  • Enable cloud backup for your authenticator app
  • Keep your authenticator app updated

Secure Backup Codes

  • Store backup codes separately from your authenticator
  • Never share backup codes with anyone
  • Don’t store them in plain text on your computer
  • Use a password manager or encrypted storage
  • Consider printing and storing in a safe

Account Recovery Planning

  1. Save backup codes in multiple secure locations
  2. Consider using an authenticator app with cloud backup
  3. Keep your account email address current
  4. Inform trusted team members if you’re a workspace admin
If you’re a workspace administrator, ensure at least one other admin has access in case you lose access to your 2FA.

Rate Limiting

To prevent brute-force attacks, 2FA verification is rate-limited:
Action                              Limit
TOTP verification attempts          5 per minute
Backup code verification attempts   5 per minute
If you exceed the rate limit, wait 60 seconds before trying again.
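The backup-code rules described earlier (single use, regeneration invalidates every previous code) together with the 5-per-minute limit above, as an added model that is not Featul's own code. The class name, the 10-code set size, the code format and the sliding-window counting are assumptions; storage protection at rest is out of scope here.

```python
import secrets
import time
from collections import defaultdict, deque

LIMIT, WINDOW = 5, 60  # 5 attempts per minute, as in the table above

class BackupCodeModel:
    """In-memory model of backup-code verification (hypothetical, for illustration)."""

    def __init__(self, clock=time.monotonic):
        self.clock = clock
        self.unused = {}                      # user -> set of codes not yet redeemed
        self.attempts = defaultdict(deque)    # user -> timestamps of recent attempts

    def generate(self, user, count=10):
        """Issue a fresh set. Replacing the set invalidates all earlier codes."""
        codes = [secrets.token_hex(5) for _ in range(count)]  # constructed format
        self.unused[user] = set(codes)
        return codes

    def verify(self, user, code):
        now = self.clock()
        recent = self.attempts[user]
        while recent and now - recent[0] >= WINDOW:
            recent.popleft()                  # forget attempts older than 60 seconds
        if len(recent) >= LIMIT:
            return "rate_limited"             # checked before the code is even looked at
        recent.append(now)                    # successes and failures both count
        if code in self.unused.get(user, set()):
            self.unused[user].discard(code)   # single use: redeemed codes are removed
            return "ok"
        return "invalid"

if __name__ == "__main__":
    model = BackupCodeModel()
    codes = model.generate("alice")
    print(model.verify("alice", codes[0]), model.verify("alice", codes[0]))
```

Because the limit is checked first, a correct code submitted while rate-limited is refused but not consumed, so it still works after the 60-second wait.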

Troubleshooting

TOTP Code Not Working

  1. Check time synchronization
    • TOTP codes are time-based
    • Ensure your device’s clock is accurate
    • Enable automatic time synchronization
  2. Wait for new code
    • Codes expire every 30 seconds
    • Don’t enter a code that’s about to expire
  3. Verify correct account
    • Ensure you’re using the right TOTP entry in your authenticator
    • Check the account label matches Featul
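Why clock accuracy matters, shown as an added example (not Featul's code): both sides compute the code from the current 30-second time step, so a phone whose clock is too far off produces a code the server never expects. HMAC-SHA1 and the one-step tolerance window are assumptions; the secret is the published RFC 6238 test key.

```python
import base64, hashlib, hmac, struct

STEP, DIGITS = 30, 6  # 30-second codes, 6 digits, as stated on this page
RFC_SECRET = base64.b32encode(b"12345678901234567890").decode()  # RFC 6238 test key

def totp(secret_b32, unix_time):
    """RFC 6238 code for a given time. HMAC-SHA1 is assumed (the RFC default)."""
    s = secret_b32.replace(" ", "").upper()
    key = base64.b32decode(s + "=" * (-len(s) % 8))  # tolerate hand-typed secrets
    counter = int(unix_time) // STEP                  # both sides derive this from their clock
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                           # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)

def verify(secret_b32, code, server_time, window=1):
    """Accept codes up to `window` steps either side of the server clock (assumed value)."""
    return any(
        hmac.compare_digest(totp(secret_b32, server_time + i * STEP), code)
        for i in range(-window, window + 1)
    )

def drift_demo(server_now=1111111109):
    """Phone clock runs `drift` seconds ahead of the server; is its code accepted?"""
    return {
        drift: verify(RFC_SECRET, totp(RFC_SECRET, server_now + drift), server_now)
        for drift in (0, 20, 90)
    }

if __name__ == "__main__":
    for drift, ok in drift_demo().items():
        print(f"clock drift {drift:>3}s -> {'accepted' if ok else 'rejected'}")
```

A wider window tolerates more drift but also lengthens the time a captured code stays valid, which is why fixing the device clock is the better remedy.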

Lost Access to Authenticator

  1. Use a backup code to sign in
  2. Go to security settings immediately
  3. Reset your 2FA setup
  4. Scan the new QR code with your authenticator
  5. Save new backup codes
If you’ve lost both your authenticator and backup codes, contact Featul support for account recovery. This process may take several days and require identity verification.

Out of Backup Codes

If you’ve used all your backup codes:
  1. If you still have authenticator access:
    • Sign in with your TOTP code
    • Generate new backup codes immediately
  2. If you’ve lost authenticator access:
    • Contact Featul support for account recovery
    • Be prepared for identity verification

Too Many Failed Attempts

  1. Wait 60 seconds for the rate limit to reset
  2. Ensure you’re entering the correct code
  3. Check your device’s time synchronization
  4. Use a backup code if needed

Combining 2FA with Other Security Features

2FA + Email/Password

The most common combination:
  1. Email and password for first factor
  2. TOTP code for second factor
  3. Strongest security with traditional authentication

2FA + OAuth

You can enable 2FA even when using OAuth:
  1. Sign in with Google or GitHub
  2. Then enter your TOTP code
  3. Adds Featul-specific security on top of OAuth

2FA + Passkeys

Passkeys and 2FA can coexist:
  • Passkeys are inherently two-factor (possession + biometric)
  • 2FA adds an additional option for signing in
  • Useful as a fallback if passkeys aren’t available
Use passkeys as your primary authentication method and keep 2FA as a backup option.

Next Steps

Passkeys

Enable passwordless authentication with passkeys

OAuth

Sign in with Google or GitHub
