Two-step verification
Add a second check at sign-in so a password alone isn't enough.
Two-step verification (also called 2FA) adds a second check when you sign in: as well as your password, you enter a short code from an app on your phone. Even if someone learns your password, they can't get in without your phone. Find it in Account settings.
Turn it on
In the Two-factor authentication section, select Set up 2FA, and confirm your password.
Scan the QR code with an authenticator app (such as Google Authenticator, 1Password, or Authy).
Save your backup codes somewhere safe. If you ever lose your phone, a backup code lets you sign in. Each code works once.
Enter the 6-digit code from your app and select Verify & enable.
From now on, signing in asks for a code after your password.
Trusting a device
When you enter a code, you can tick Trust this device for 30 days so you're not asked every time on your own computer. Leave it unticked on shared or public computers.
Turn it off
In the same section, select Turn off 2FA and confirm your password.
Turning off two-step verification makes your account less secure. We recommend keeping it on, especially for owners and anyone with broad access.