# Two-factor authentication (2FA)

#### 2FA (two-factor authentication) is a security method that requires two verification factors to confirm a user’s identity, making accounts much harder to compromise even if a password is stolen.

***

## General information

**Xopero ONE** supports two-factor authentication (2FA) based on an authenticator application. To use 2FA with your **Xopero ONE** account, you must first enable it in the **Xopero ONE Management Service** (**XMS**) admin panel and then complete the setup.

{% hint style="danger" %}
You can always enable or disable two-factor authentication for your own account. To manage 2FA settings for other users, you must have the **UserManagement** permission.
{% endhint %}

***

## Enabling 2FA in Xopero ONE

{% stepper %}
{% step %}
Click your profile icon in the top-right corner of your **XMS** panel and select **Account**.

<figure><img src="/files/lPem1eINRmEvwdU4SBpO" alt=""><figcaption><p><em>Account settings in XMS.</em></p></figcaption></figure>

{% endstep %}

{% step %}
Toggle **Two-factor authentication** button and click **Save** in the bottom-right.

<figure><img src="/files/Blb86mWBQFm61ueYVRzG" alt=""><figcaption><p><em>2FA option turned on.</em></p></figcaption></figure>
{% endstep %}

{% step %}
You will see the change confirmation in the top-right corner of the screen. Once done, log out of your **XMS**, then log back in to trigger 2FA setup.
{% endstep %}
{% endstepper %}

***

## 2FA setup in Xopero ONE

{% hint style="danger" %}
After you enable 2FA in **XMS**, you will be prompted to complete the authenticator app setup during your next login. After the setup is complete, all subsequent logins will require successful two-factor verification.
{% endhint %}

{% stepper %}
{% step %}
Scan the QR code or copy the secret key to your authenticator app.

<figure><img src="/files/T0Q6xb1trI6k4RJCSLIi" alt="" width="473"><figcaption></figcaption></figure>
{% endstep %}

{% step %}
Enter the code from your authenticator app in the designated fields. Once done, click **Verify now** to finish the application setup.

<figure><img src="/files/Z79mwGdEp7g9YtkkUEaB" alt=""><figcaption></figcaption></figure>
{% endstep %}

{% step %}
If the verification is successful, you will see a confirmation message.

Below the message you will find your recovery codes — save them before you go to the management console app. If you fail o save the codes right away, you can generate them later in your **XMS** account settings.

<figure><img src="/files/o1YYzg0ZkKxENG9Fsl8r" alt="" width="521"><figcaption></figcaption></figure>
{% endstep %}

{% step %}
Your 2FA setup is now complete. Next time you login to your **XMS** panel, you will be prompted to verify yourself with 2FA.
{% endstep %}
{% endstepper %}

***

## Recovery codes

If you lose access to your authenticator app, you can log in to **Xopero ONE Management Service** using one of the recovery codes generated during 2FA setup.

{% hint style="danger" %}
**Each code is valid for a single login only** — once used, it expires.
{% endhint %}

Unused codes do not expire over time; they remain active until used or until new codes are generated, either manually or by re-registering the **2FA**.

If you have used several codes or suspect they have been compromised, you can generate a new set by going to ⚙️ **Settings** > **Accounts** > **Edit account** and clicking **Generate recovery codes** button.

<figure><img src="/files/oz1HzKRG5yGunknPdskM" alt=""><figcaption></figcaption></figure>

***

## Reconfiguring the authenticator app

{% stepper %}
{% step %}
Log in to your account (use a recovery code if your authentication device is lost or otherwise unavailable).
{% endstep %}

{% step %}
Go to **⚙️ Settings** > **Accounts** > **Edit account**.
{% endstep %}

{% step %}
Toggle **Two-factor authentication** off to disable it and **save the change**. Then toggle it back on and **save the change again**.

<figure><img src="/files/dd74iYROVltLDxm3dMBr" alt=""><figcaption></figcaption></figure>
{% endstep %}

{% step %}
Your 2FA configuration is now reset. During your next sign-in, you will be prompted to complete the authenticator app setup.
{% endstep %}
{% endstepper %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://helpcenter.xopero.com/xopero-one-en/login-and-password/two-factor-authentication-2fa.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.