2FA 方式
认证器应用(TOTP)
使用 Google Authenticator、Authy 或 1Password 等应用生成基于时间的一次性验证码。
- 离线可用
- 安全性最高
- 30 秒更换一次验证码
邮箱验证码
登录时通过邮箱接收一次性验证码。
- 无需应用
- 设置简单
- 验证码有效期 10 分钟
备份码
恢复选项
启用 2FA 后,您将获得备份码。请妥善保存,这些是您丢失 2FA 方式后的恢复选项。
- 10 个一次性备份码
- 随时可重新生成
- 请存放于安全位置
Why 2FA Matters
- Passwords alone are vulnerable to phishing, credential stuffing, and data breaches. 2FA ensures an attacker needs physical access to your device or email, not just your password.
- TOTP codes rotate every 30 seconds — a stolen code is useless within minutes.
- Account lockout triggers after 5 consecutive failed login attempts, blocking brute-force attacks automatically.
- Zero-knowledge architecture means your 2FA secrets are encrypted with your key — even cloak.business cannot disable your 2FA silently.
Supported Authenticator Apps
- Google Authenticator — iOS + Android, simple and widely used
- Authy — Multi-device sync with encrypted cloud backup
- 1Password — Integrated TOTP inside your password manager
- Microsoft Authenticator — Works on iOS, Android, and Windows
- Any RFC 6238 TOTP app — Standard-compliant apps all work with cloak.business