Two-step verification (2SV, also known as two-factor authentication) adds security by requiring an extra step when you log in or try to edit sensitive information like your password. We support these 2SV methods:

2SV methodSecurity levelWhen you log in…
SMS text messageGoodWe’ll text you a 6-digit code you must enter. You can’t log in if you can’t receive the code.
Authenticator app, like Google Authenticator or Authy, on your phone or other deviceBetterYou must enter the code that the app shows you. You can’t log in if you don’t have access to the app.
Hardware security key, such as a Yubikey or Google TitanBestYou must insert the hardware key to verify your identity. You can’t log in if you don’t have the key and your backup method doesn’t work.

Always set a backup 2SV method

To minimize hassle when something goes wrong (like losing your phone), always set a backup 2SV method – it’s required if you’re using a hardware key. When you enable 2SV, set the backup at the same time.

 Note: For best results, set your backup on a different device – for example, if SMS on your phone is your main 2SV, set an authenticator app on your laptop as your backup 2SV.

An easier way to use 2SV

By default, 2SV is required for every login. Instead, you can set up 2SV so you only need it for high-risk transactions like changing your account security (password, PIN, 2SV methods) or transferring a domain. If you rarely need a high-risk transaction, this could be a better fit for you.

Secure your account with two-step verification.