# Two Factor Authentication User Guide

Because Rocket.Chat can be used extensively across multiple platforms, there is a risk of exposing your account details. Rocket.Chat two-factor authentication (2FA) provides additional protection for workspace users by requiring them to provide two forms of authentication before accessing their accounts.

With 2FA enabled, a Rocket.Chat user is required to enter not only their username and password but also a one-time code generated by an authentication app, such as Google Authenticator, when logging into their account. This code is unique to each login attempt and provides an extra layer of security, as it cannot be reused or guessed.

{% hint style="info" %}
By default, 2FA is enabled with the email you used for signing up on the server.
{% endhint %}

To use 2FA, the Rocket.Chat workspace administrator must turn on the [Two Factor Authentication](https://funke-olasupo.gitbook.io/user-guide/6.5/workspace-administration/settings/account-settings#two-factor-authentication) feature.

## Enabling Two Factor Authentication

{% hint style="info" %}
Before beginning the setup, download an Authenticator app of your choice. Some popular Authenticators include [Google Authenticator](https://googleauthenticator.net/), [Authy](https://authy.com/), and [Duo](https://duo.com/).
{% endhint %}

To enable 2FA on your account:

* Click your avatar and select **My Account**.
* Navigate to **Security > Two Factor Authentication**.
* Click **Enable two-factor authentication via TOTP**.
* Scan the QR code provided with your Authenticator app, or set it up manually using the authentication keys.
* Enter the code generated by the Authenticator app (`Rocket.Chat: <username>`) and click **Verify**.
* A list of backup codes is provided. Save them securely in case you lose access to your Authenticator app. The 2FA setup is now complete.

{% hint style="info" %}

* TOTP is a Time-based One-Time Password. It is a very common form of 2FA.
* TOTP works by generating a unique numeric password with a standardized [algorithm](https://tools.ietf.org/html/rfc6238). Used as a second factor, time-based passwords are widely available and provide user-friendly, increased account security.
{% endhint %}
