Help CenterMulti-Factor Authentication is necessary to secure your account against password breaches, phishing attacks, and to enhance data security.
There are 2 ways of adding Multi-Factor Authentication to your account:
1. Passkey
-
What it is: A phishing-resistant login method based on public-key cryptography. Your device creates a key pair; the private key stays on your device (or in your platform keychain) and never gets shared.
-
How you use it: Usually just Face ID / Touch ID / device PIN (or a hardware key). No codes.
-
What the server stores: Only the public key.
-
Best for: Replacing passwords or acting as the strongest form of “2FA” because it can’t be replayed and is tied to the legitimate site.
- Not great for: logging in with multiple devices. Passkeys are stored on the device, which means you will be required to set a passkey for every device you use. You can set up multiple passkeys in your account.
2. Authenticator app (TOTP)
-
What it is: An app that generates time-based one-time codes (typically 6 digits) from a shared secret set up during enrollment.
-
How you use it: Type the code after entering your password.
-
What the server stores: A copy/derivation of the shared secret (or data to verify codes).
-
Best for: Adding a second factor where passkeys aren’t available; widely supported. Also recommended when using your account on multiple devices.