# 2FA - Two-factor authentication

**Two-factor authentication**, or **2FA** as it's commonly abbreviated, adds an extra step to your basic login procedure. Without 2FA, the password is your single factor of authentication: you enter your username and password, then you're done.

With 2FA, you log in to the Admin Panel by entering your username and password and the six-digit code provided by an app installed on your smartphone.

After the latest update of the Admin Panel, you will be prompted to enter the 2FA code in a new pop-up window.

### **Enable 2FA for the Admin Panel**

If you're using this Admin account as credentials for the API, the API login will fail after enabling 2FA. To solve this, create a Sub-Admin with special permissions for the API authentication only.

What you need:

\- a smartphone with a 2FA App installed (OTP / 2-Step Verification / 2-Factor Authentication), such as [Authy](https://play.google.com/store/apps/details?id=com.authy.authy&hl=en) or [Google Authenticator](https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2&hl=en).

To enable 2FA for your Admin account:

- Log in to the **[Admin Panel](https://admin.emailarray.com/)**
- From the menu, go to **Security** → **2FA**
- Update the dropdown **Select Status** to **Enabled**. Click on the **Save** button.

 **[![Admin Panel - 2FA (Two-factor authentication) - how to enable 2fa.jpg](https://wikidev.emailarray.com/uploads/images/gallery/2024-08/scaled-1680-/admin-panel-2fa-two-factor-authentication-how-to-enable-2fa.jpg)](https://wikidev.emailarray.com/uploads/images/gallery/2024-08/admin-panel-2fa-two-factor-authentication-how-to-enable-2fa.jpg)**

- Recheck the requirements: have a 2FA App installed on your phone.
- When ready, click on the **Next** button.

 [![Admin Panel - 2FA (Two-factor authentication) - step 1.PNG](https://wikidev.emailarray.com/uploads/images/gallery/2024-08/scaled-1680-/admin-panel-2fa-two-factor-authentication-step-1.PNG)](https://wikidev.emailarray.com/uploads/images/gallery/2024-08/admin-panel-2fa-two-factor-authentication-step-1.PNG)

- Scan the QR code with the installed 2FA App and fill in the generated six-digit code in the **Challenge** input field.
- **Click on the Save button before your token expires.**

 <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size">[![Admin Panel - 2FA (Two-factor authentication) - step 2.PNG](https://wikidev.emailarray.com/uploads/images/gallery/2024-08/scaled-1680-/admin-panel-2fa-two-factor-authentication-step-2.PNG)](https://wikidev.emailarray.com/uploads/images/gallery/2024-08/admin-panel-2fa-two-factor-authentication-step-2.PNG)</span>

### **Disable 2FA for the Admin Panel**

To disable the 2FA for your Admin account:

- Log in to the **[Admin Panel](https://admin.emailarray.com/)**
- From the menu, go to **Security** → **2FA**
- Update the dropdown **Select Status** to **Disabled**. Click on the **Save** button.

 <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size">[![Admin Panel - 2FA (Two-factor authentication) - disable.PNG](https://wikidev.emailarray.com/uploads/images/gallery/2024-08/scaled-1680-/admin-panel-2fa-two-factor-authentication-disable.PNG)](https://wikidev.emailarray.com/uploads/images/gallery/2024-08/admin-panel-2fa-two-factor-authentication-disable.PNG)</span>

- Insert the token from your 2FA App (such as Authy or Google Authenticator) in the **Challenge** input field.
- **Click on the Save button before the token expires.**

 [![Admin Panel - 2FA (Two-factor authentication) - disable - step 1.PNG](https://wikidev.emailarray.com/uploads/images/gallery/2024-08/scaled-1680-/admin-panel-2fa-two-factor-authentication-disable-step-1.PNG)](https://wikidev.emailarray.com/uploads/images/gallery/2024-08/admin-panel-2fa-two-factor-authentication-disable-step-1.PNG)

- After you see the confirmation message that the 2FA was disabled, you can delete the entry from your 2FA app.