At Netlify, we take your security and privacy seriously. To put actions behind our intentions, we are so excited to officially release two-factor authentication! This is a (highly encouraged) opt-in feature that enables you to have even more secure access to your account.

TL;DR: If you have an account, you can enable two-factor auth here!

Was this a secret?

Welp... we thought it was, until the awesome Jane Manchun Wong figured us out!

Netlify is working on Two-Factor Authentication!!! pic.twitter.com/rGLXEANNv8

— Jane Manchun Wong (@wongmjane) June 25, 2020

Good job Jane. Even though you played yourself.

Anyway. Back to our regularly scheduled release!

What really is two-factor auth?

When you log in to a given website, you typically enter your username and password to access your account. This is one-factor authentication, because it's a single step taken to verify your identity.

So, as you can imagine, two-factor authentication adds another step to the password-only authentication system to further protect your account! That second step is an additional piece of information to verify your identity. Typically, you'll see two of these three things in a 2FA-enabled service:

• Something you know (like a password, PIN, or secret)
• Something you own (like a phone number or card)
• Something you are (like a fingerprint or facial recognition)

Adding this extra level of security on your account ensures that if someone were to access your information in some way, they still won't be able to access your Netlify account because of the second level of security.

I'm sold! How do I enable 2FA?

Great! Head over to your User Settings and go to the Security tab, and you'll find a spot to enable two-factor authentication. Or, you can just click here if you're already logged in.

Once you click the button that says "Enable two-factor authentication", you'll see a screen like this:

Netlify offers two-factor authentication through your favorite authentication apps. Use Authy, Google Authenticator, LastPass Authenticator, 1Password, or any others to scan the provided QR code (or manually enter in your authentication token) to connect your account.

Once you've connected your accounts, the next step is to save your recovery codes in case you lose access to your two-factor authentication apps. Save these in a safe place, and you can use each of them once to regain access to your account.

And voilà! In just a few steps your Netlify account is more secure than ever. Now go forth and coooode!