Two-Factor Authentication
Protect your account with a 6-digit code from an authenticator app, and recover access with backup codes.
Two-factor authentication (2FA) adds a second layer of protection to your account. After entering your password, you confirm a 6-digit code from an authenticator app on your phone — so even if someone learns your password, they can't get in.
2FA is available on the Business plan and above.
What you need
An authenticator app on your phone. Any TOTP-compatible app works, including:
- Google Authenticator (iOS / Android)
- Microsoft Authenticator (iOS / Android)
- 1Password, Bitwarden, or another password manager with TOTP support
Signplanr never sends codes by SMS or email — the code always comes from your app.
Setting up two-factor authentication
- Go to Account → Security, or visit signplanr.com/account/security.
- Click Set up two-factor authentication.
- Open your authenticator app and scan the QR code. If you can't scan, enter the setup key shown below the QR code manually.
- Enter the 6-digit code your app shows and click Verify and enable.
As soon as 2FA is enabled, you'll see your backup codes. Save them before closing the dialog — they are only shown once.
Backup codes
When you enable 2FA, Signplanr generates 10 one-time backup codes. Each code can be used once in place of an authenticator code — they are your safety net if you lose your phone.
- Copy or download the codes and store them somewhere safe (a password manager is ideal).
- Your remaining code count is shown on the Security page.
- You can regenerate a fresh set at any time — this invalidates all previous codes.
Logging in with 2FA
- Enter your email and password as usual.
- When prompted, enter the 6-digit code from your authenticator app.
If you don't have your device, click Use a backup code instead and enter one of your saved backup codes.
Trusted devices
Tired of entering a code on the same computer every day? Tick Trust this device for 30 days when entering your code. That browser will skip the two-factor prompt for 30 days, then ask again.
- Trusted devices are listed on Account → Security, with when they were trusted and last used.
- Revoke a device at any time — it will be asked for a code again within 15 minutes.
- Revoke anything you don't recognise, and avoid trusting shared or public computers.
- Disabling 2FA removes all trusted devices.
Recovering your account
Lost access to your authenticator app?
- On the 2FA prompt, choose Use a backup code instead.
- Enter one of the backup codes you saved during setup.
- Once you're in, go to Account → Security and either set up your new device or regenerate your backup codes.
Out of backup codes and no authenticator access? Contact your organisation owner, or email us at contact@signplanr.com from your account email address — we can verify your identity and reset 2FA for you.
Disabling two-factor authentication
- Go to Account → Security.
- Click Disable and confirm with a current code from your authenticator app.
Disabling 2FA deletes your backup codes. You can re-enable it at any time.
Tips
- Save backup codes immediately — the most common lockout is a lost phone with no saved codes.
- Use a password manager — apps like 1Password store the TOTP secret alongside your password, so a new phone doesn't lock you out.
- Watch for the low-codes email — Signplanr emails you when you're down to your last couple of backup codes.