> ## Documentation Index
> Fetch the complete documentation index at: https://support.humanizing.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Enable Two-Factor Authentication on Your Account

> Protect your Plural account with two-factor authentication using Microsoft Authenticator — step-by-step setup guide plus recovery advice if you get locked out.

Two-factor authentication (2FA) adds a second layer of security to your Plural login. Even if someone obtains your password, they cannot access your account without the time-limited six-digit token generated on your smartphone. Enabling 2FA is strongly recommended for all account owners and admins.

## What 2FA Protects Against

A password alone can be stolen through phishing, data breaches, or credential-stuffing attacks. With 2FA enabled, an attacker who knows your password still cannot log in — they would also need physical access to your phone and the authenticator app. This makes unauthorized access to your robots, projects, and GO balance dramatically harder.

***

## Before You Start

You need the **Microsoft Authenticator** app installed on your smartphone.

<Tabs>
  <Tab title="Android">
    Download Microsoft Authenticator from the Google Play Store:

    [https://play.google.com/store/apps/details?id=com.azure.authenticator](https://play.google.com/store/apps/details?id=com.azure.authenticator)
  </Tab>

  <Tab title="iOS">
    Download Microsoft Authenticator from the Apple App Store:

    [https://apps.apple.com/app/microsoft-authenticator/id983156458](https://apps.apple.com/app/microsoft-authenticator/id983156458)
  </Tab>
</Tabs>

***

## Enable 2FA on Your Plural Account

<Steps>
  <Step title="Open Account Settings">
    Click the **three dots (⋯)** next to your username in the lower-left corner of Plural, then select **Account Settings**.
  </Step>

  <Step title="Enable two-step authentication">
    Locate the **Two-step authentication (2FA)** section and click the **Enable** button. Plural displays a QR code on screen.
  </Step>

  <Step title="Scan the QR code">
    Open the **Microsoft Authenticator** app on your smartphone, tap **Scan a QR Code**, and allow the app to access your camera. Point your camera at the QR code shown in Plural.
  </Step>

  <Step title="Save your account in the app">
    Microsoft Authenticator adds your Plural account and immediately starts displaying a rotating six-digit token that refreshes every 30 seconds.
  </Step>

  <Step title="Verify the setup">
    Log out of Plural in your browser. Log back in with your username and password as usual. After the standard login step, Plural prompts you for a **6-digit token**. Open Microsoft Authenticator on your phone, copy the current token, and enter it in Plural to complete the login.
  </Step>
</Steps>

<Note>
  The token changes every 30 seconds. Enter it quickly after reading it from the app. If it expires before you submit, simply use the next token that appears.
</Note>

***

## Logging In With 2FA Enabled

Every time you sign in to Plural after enabling 2FA:

1. Enter your username and password as normal.
2. When Plural displays the **6-digit token** prompt, open Microsoft Authenticator on your phone.
3. Type the current token shown for your Plural account and submit.

The entire login flow takes only a few seconds once you are familiar with it.

***

## Recovery Options

<Accordion title="What if I lose access to my phone?">
  If you lose your phone or uninstall Microsoft Authenticator, you will be unable to generate tokens and therefore unable to log in while 2FA is active. In this situation, contact Plural support at [contact@humanizing.com](mailto:contact@humanizing.com) to verify your identity and have 2FA reset on your account.

  To avoid this situation, consider these precautions **before** you lose access:

  * Keep a backup device registered with Microsoft Authenticator.
  * Store your Plural account recovery codes (if provided) in a secure password manager.
</Accordion>

<Accordion title="What if I get locked out after too many failed login attempts?">
  Plural limits the number of failed login attempts to protect against brute-force attacks. If your account is temporarily locked, wait for the lockout period to expire and try again. If you have also lost your 2FA device, contact [contact@humanizing.com](mailto:contact@humanizing.com) directly.
</Accordion>

<Accordion title="How do I disable 2FA?">
  Return to **Account Settings** → **Two-step authentication (2FA)** and click **Disable**. You will need to confirm with a valid token from your authenticator app before 2FA is removed.
</Accordion>

***

<Warning>
  Do not share your authenticator device or the QR code shown during setup. Anyone who scans that QR code can generate valid tokens for your account.
</Warning>
