What is Two-Factor Authentication?
Two-factor authentication (2FA) is a method to enhance the security of your account. By providing an additional piece of information (a factor) that only you know or have during the authentication process, you give much stronger proof that you are who you claim to be. A good example of 2FA is withdrawing money from an ATM: only you know your PIN, and you have your debit card.
For further information on 2FA in general, Wikipedia's article on Multi-Factor Authentication is a good starting point.
How can 2FA help protect my Weasyl account?
By enabling 2FA, you will set up an authenticator to generate a time-based password through an application such as Google Authenticator. Each time that you log into your Weasyl account, you will be prompted for the token shown on your authenticator after your password is verified. Without both of these factors, neither you nor someone who has stolen your password can log into your account.
What if I can't access my authenticator?
You will receive ten recovery codes as part of the 2FA setup process. Providing one of these codes will function as an alternate means to log into your account. These codes should be printed or otherwise saved in a secure manner, with the same diligence and care that you would take when safeguarding other personal information.
Each recovery code is usable only once, so please keep track of any used recovery codes.
How can I get a new set of recovery codes?
You can generate a new set of 2FA recovery codes by clicking here. You will be prompted to provide a currently valid time-based token from your authenticator app, or a valid recovery code in order to verify that you are the legitimate user of your account.
You may view how many recovery codes remain available from the 2FA dashboard. You can also see your count of remaining recovery codes during the login process.
What happens if I use all of my recovery codes?
In the event you use all of your recovery codes during the login process, 2FA will be disabled for your Weasyl account. This is done in order to prevent your account from becoming unavailable to you, as you would not be able to provide a recovery code for future login sessions, or be able to disable 2FA. You may, however, re-enable 2FA at any time.
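The second-factor check described in the answers above, as an added example that is not Weasyl's own code: a time-based token per RFC 6238, single-use recovery codes, and 2FA switching off once the last recovery code is spent. The six-digit token, 30-second step, one-step clock drift allowance, hashed storage of recovery codes and all names (`SecondFactor`, `new_recovery_codes`) are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
import struct

STEP = 30  # seconds per time step (RFC 6238 default; assumed here)

def totp(secret: bytes, at: float, digits: int = 6) -> str:
    """Time-based one-time password (RFC 6238, HMAC-SHA1)."""
    counter = struct.pack(">Q", int(at) // STEP)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation from RFC 4226
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def new_recovery_codes(count: int = 10) -> list[str]:
    """Ten random codes, shown to the user once at setup (format assumed)."""
    return [secrets.token_hex(10) for _ in range(count)]

def _digest(code: str) -> str:
    return hashlib.sha256(code.encode()).hexdigest()

class SecondFactor:
    """Hypothetical per-account 2FA state; consulted after the password check."""

    def __init__(self, secret: bytes, recovery_codes: list[str]):
        self.secret = secret
        self.enabled = True
        # Assumption: only hashes of the recovery codes are kept server-side.
        self.remaining = {_digest(c) for c in recovery_codes}

    def check(self, response: str, now: float) -> bool:
        # Accept the current step and its neighbours to tolerate clock drift.
        for drift in (-1, 0, 1):
            expected = totp(self.secret, now + drift * STEP)
            if hmac.compare_digest(expected.encode(), response.encode()):
                return True
        digest = _digest(response)
        if digest in self.remaining:
            self.remaining.discard(digest)  # each recovery code works once
            if not self.remaining:
                self.enabled = False  # last code spent: 2FA is disabled
            return True
        return False
```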
How can I disable 2FA?
If you wish to disable 2FA, you will need access to your authenticator or recovery codes to prove you have control over your Weasyl account. You can then visit the page to disable 2FA.
What happens if I no longer have access to both my authenticator and set of recovery codes?
2FA is a security mechanism. If you lose access to your authenticator and your recovery codes, Weasyl staff cannot help you regain access to your account. As such, please ensure you keep your set of recovery codes in a safe location and safeguard them with the level of care you would provide other important documents such as a passport or birth certificate.
To securely store your recovery codes, a few options are available. Physically printing codes to paper is one option, and secure electronic storage is another. Electronic options include LastPass and 1Password for cloud-based password storage and KeePass for offline password storage, to name a few of the many options available. While Weasyl does not advocate one specific solution over another, we do recommend using both physical and secure electronic storage methods for securing your recovery codes.