# Setting Up Two-Factor Authentication Two-factor authentication (2FA) adds an extra layer of security to your Catchify account. With 2FA enabled, you need both your password and a time-based verification code from your phone to log in -- so even if someone learns your password, they cannot access your account without your phone. ## Why You Should Enable 2FA Your Catchify portal contains sensitive security information about your organization's vulnerabilities and testing results. Enabling 2FA helps ensure that only authorized people can access this data. We strongly recommend that every team member enable 2FA on their account. {% hint style="warning" %} If your organization has a security policy that requires 2FA, your account manager can enforce it for all team members. Contact the Catchify team to learn more. {% endhint %} ## What You Need Before you begin, download an authenticator app on your phone. Any of these apps will work: | App | Available On | | ----------------------- | --------------------- | | Google Authenticator | iOS, Android | | Microsoft Authenticator | iOS, Android | | Authy | iOS, Android, Desktop | ## Setting Up 2FA 1. Log in to your account at [portal.catchify.sa](https://portal.catchify.sa) 2. Click on your **profile icon** in the top-right corner 3. Select **Settings** from the dropdown menu 4. Find the **Two-Factor Authentication** section 5. Click **Enable 2FA** 6. A QR code will appear on your screen 7. Open your authenticator app on your phone 8. Tap the **+** button to add a new account 9. Scan the QR code displayed on your screen 10. Your authenticator app will now show a 6-digit code that refreshes every 30 seconds 11. Enter the 6-digit code from your authenticator app into the verification field on the portal 12. Click **Verify and Enable** 13. You will see a confirmation that 2FA has been enabled {% hint style="success" %} Your account is now protected with two-factor authentication. Each time you log in, you will be asked for a code from your authenticator app after entering your password. {% endhint %} ## Logging In with 2FA Once 2FA is enabled, your login process will look like this: 1. Go to [portal.catchify.sa](https://portal.catchify.sa) and enter your email and password 2. You will be prompted to enter your 2FA code 3. Open your authenticator app and find the Catchify entry 4. Enter the current 6-digit code 5. Click **Verify** to complete your login ## Lost Access to Your Authenticator App? If you lose your phone or no longer have access to your authenticator app, you can regain access to your account: 1. On the 2FA prompt screen, click **Need help?** 2. Contact the Catchify support team at 3. After verifying your identity, the Catchify team will reset your 2FA so you can set it up again with a new device {% hint style="info" %} To avoid being locked out, consider setting up your authenticator on a second device or using an authenticator app like Authy that supports cloud backup. {% endhint %} ## Disabling 2FA If you need to turn off two-factor authentication (for example, when switching phones): 1. Go to **Settings** from your profile menu 2. In the **Two-Factor Authentication** section, click **Disable 2FA** 3. Enter your current 2FA code to confirm 4. 2FA will be removed from your account We recommend re-enabling it as soon as you have your new device ready.