Two-Factor Authentication (2FA)
Last Updated: 2026-02-09
Two-factor authentication adds an extra layer of security to your cloak.business account. With 2FA enabled, signing in requires both your password and a time-sensitive code -- making unauthorized access significantly harder even if your password is compromised.
What is 2FA?#
Two-factor authentication requires two separate forms of verification when you sign in:
- Something you know -- your password.
- Something you have -- a one-time code from an authenticator app or your email inbox.
This means that a password alone is not enough to access your account.
Available Methods#
| Method | How It Works | Code Validity |
|---|---|---|
| Authenticator App (TOTP) | A time-based one-time password generated by an app on your device | 30 seconds |
| Email Code | A one-time code sent to your registered email address | 10 minutes |
We recommend using an authenticator app for the fastest and most reliable experience.
Setting Up 2FA#
Option 1: Authenticator App#
- Sign in and go to Account Settings > Security.
- Click Enable 2FA.
- Select Authenticator App.
- Scan the QR code with your preferred authenticator app:
- Google Authenticator
- Authy
- 1Password
- Microsoft Authenticator
- Enter the 6-digit code from the app to confirm setup.
- Save your backup codes (see below).
Option 2: Email Code#
- Sign in and go to Account Settings > Security.
- Click Enable 2FA.
- Select Email Code.
- A verification code is sent to your registered email address.
- Enter the code to confirm setup.
- Save your backup codes (see below).
Backup Codes#
When you enable 2FA, the system generates 10 single-use recovery codes. Each code can be used exactly once in place of a 2FA code.
Store these codes securely:
- Save them in a password manager.
- Print and store in a safe location.
- Do not store them in plain text on your device.
If you run out of backup codes, you can generate a new set from Account Settings > Security > Regenerate Backup Codes. This invalidates all previously issued codes.
Signing In with 2FA#
- Enter your email and password as usual.
- You are prompted for a second factor.
- Enter the 6-digit code from your authenticator app or email.
- Access granted.
If you use an authenticator app, the code refreshes every 30 seconds. Always enter the current code displayed in the app.
Disabling 2FA#
- Go to Account Settings > Security.
- Click Disable 2FA.
- Enter your current 6-digit code to confirm.
- 2FA is removed from your account.
You can re-enable 2FA at any time by repeating the setup process.
Lost Access#
If you cannot generate a 2FA code:
| Situation | Solution |
|---|---|
| Lost your phone or authenticator app | Use one of your backup codes to sign in |
| Used all backup codes | Contact support at support@cloak.business with your account email |
| Lost access to email (email code method) | Contact support for manual identity verification |
After regaining access, we recommend immediately setting up a new authenticator app and generating fresh backup codes.
Best Practices#
- Enable 2FA as soon as possible -- it is the single most effective step to protect your account.
- Use an authenticator app over email codes when possible -- it works offline and is not vulnerable to email interception.
- Save your backup codes in a separate, secure location.
- Never share your 2FA codes with anyone. cloak.business staff will never ask for them.
Document maintained by cloak.business