Documentation
DocumentationAccount SecurityTwo-Factor Authentication

Two-Factor Authentication (2FA)

Add an extra layer of security to your account using time-based one-time passwords (TOTP) from an authenticator app.

What is Two-Factor Authentication?

Two-factor authentication (2FA) requires something you know (your password) plus something you have (your phone with an authenticator app). Even if someone steals your password, they can't access your account without the second factor.

Inkress uses TOTP (Time-based One-Time Passwords), the same technology used by Google, Microsoft, and major banks. Your authenticator app generates a new 6-digit code every 30 seconds that's synchronized with our servers.

Compatible Authenticator Apps

You can use any TOTP-compatible authenticator app. Here are some popular options:

Google Authenticator

Simple and reliable. Available for iOS and Android.

iOSAndroid

Authy

Cloud backup and multi-device sync. Great for convenience.

iOSAndroid

Microsoft Authenticator

Full-featured with cloud backup. Integrates with Microsoft accounts.

iOSAndroid

1Password / Bitwarden

Password managers with built-in TOTP support.

1PasswordBitwarden

Setting Up Two-Factor Authentication

1

Download an Authenticator App

If you don't already have one, download an authenticator app from the list above onto your smartphone.

2

Navigate to Security Settings

Log in to your Inkress dashboard. Click on your profile menu and navigate to the Security section.

3

Scan the QR Code

Click "Enable 2FA" and you'll see a QR code. Open your authenticator app, tap the plus (+) button, and scan the QR code. This links your account to the app.

Can't scan? Click "Enter code manually" to see a text code you can type into your authenticator app.

4

Enter the 6-Digit Code

Your authenticator app will now show a 6-digit code that changes every 30 seconds. Enter the current code to verify that setup was successful.

5

Save Your Recovery Codes

After verification, you'll receive recovery codes. These are one-time use codes that let you access your account if you lose your phone.

Done!

Two-factor authentication is now enabled. You'll be asked for a code from your authenticator app each time you sign in.

Signing In with 2FA

  1. 1.Enter your email and password as usual and click Sign In.
  2. 2.You'll see a prompt asking for your authentication code.
  3. 3.Open your authenticator app and find the entry for Inkress.
  4. 4.Enter the current 6-digit code. If it's about to expire (timer almost at zero), wait for the next code.

Recovery Codes

Recovery codes are your backup if you lose access to your authenticator app. Each code can only be used once.

Using a Recovery Code

When prompted for your 2FA code, click "Use a recovery code" and enter one of your saved recovery codes. This will sign you in and mark that code as used.

Regenerating Recovery Codes

If you've used most of your recovery codes or think they may have been compromised, you can generate new ones in your Security settings. This will invalidate all previous codes.

If You Lose Your Recovery Codes

If you lose both your authenticator app and recovery codes, you'll need to contact Inkress support. For security reasons, we'll need to verify your identity before restoring access.

Managing 2FA

Disabling 2FA

You can disable 2FA from your Security settings. You'll need to enter your password and a valid 2FA code to confirm. We recommend keeping 2FA enabled or switching to passkeys for continued protection.

Switching Authenticator Apps

To switch to a different authenticator app, you'll need to disable 2FA and then re-enable it, scanning the new QR code with your new app. Make sure your old app is still working before you disable 2FA.

New Phone?

If you're getting a new phone, the easiest approach depends on your authenticator app:

  • Authy/Microsoft: Sign in on your new phone and codes will sync automatically
  • Google Authenticator: Use the app's transfer feature to move accounts to your new device
  • Lost old phone: Use a recovery code to sign in, then reconfigure 2FA

Troubleshooting

Code not working

Make sure your phone's time is set correctly. TOTP codes depend on accurate time. Go to your phone's settings and enable automatic time. If the code still doesn't work, wait for the next code (they change every 30 seconds).

Lost access to authenticator app

Use one of your recovery codes to sign in. If you don't have recovery codes, contact Inkress support with proof of your identity.

Multiple Inkress entries in authenticator

This can happen if you set up 2FA multiple times. Only the most recent entry will work. You can safely delete the older entries from your authenticator app.

Frequently Asked Questions

Do I need 2FA if I have passkeys?

Not necessarily. Passkeys are actually more secure than 2FA because they're phishing-resistant and require biometric verification. However, you can have both enabled for maximum protection when using password-based sign-in.

What if my phone is lost or stolen?

Use a recovery code to sign in from another device. Then disable 2FA and set it up again on your new phone. If you use an authenticator with cloud backup (like Authy), you can restore your codes on a new device.

Can I use SMS instead of an app?

We don't offer SMS-based 2FA because it's vulnerable to SIM-swapping attacks. Authenticator apps are significantly more secure. If you need an easy option, consider passkeys instead.

Why do codes change every 30 seconds?

This is a security feature. Short-lived codes mean that even if someone sees your code, it becomes useless within 30 seconds. This prevents code reuse and replay attacks.

Related Topics

Security Overview

Learn about all available security features for your account.

Passkeys

The most secure and convenient way to protect your account.