Two-factor authentication adds an extra layer of security to your Start.me account. When enabled, you need both your password and a code from an authenticator app to sign in.
Even if someone learns your password, they cannot access your account without the code from your phone.
What you need
To use two-factor authentication, you need an authenticator app on your phone.
Popular options include:
Google Authenticator (Android, iOS)
Microsoft Authenticator (Android, iOS)
Authy (Android, iOS, Desktop)
1Password (Android, iOS, Desktop)
These apps generate a new 6-digit code every 30 seconds.
How to enable two-factor authentication
1. Go to the Authentication settings: https://start.me/users/authentication
2. Click Enable two-factor authentication.
3. Enter your account password (this step is skipped if you signed up with a social login like Google).
4. Open your authenticator app and scan the QR code shown on screen. If you cannot scan the code, click the link to see a text key you can enter manually.
5. Enter the 6-digit code from your authenticator app to confirm the setup.
6. Done! Two-factor authentication is now active on your account.
You will receive an email confirming that two-factor authentication has been enabled.
Tip: Make sure to save a backup of the QR code or text key in a safe place. You will need it if you switch phones or lose access to your authenticator app.
Signing in with two-factor authentication
1. Enter your email and password as usual.
2. You will see a screen asking for a verification code.
3. Open your authenticator app and enter the 6-digit code.
4. Click **Verify** to sign in.
How to disable two-factor authentication
1. Go to the Authentication settings: https://start.me/users/authentication
2. Click Disable two-factor authentication.
3. Enter your account password (this step is skipped if you signed up with a social login).
4. Enter a 6-digit code from your authenticator app.
5. Two-factor authentication is now disabled.
You will receive an email confirming that two-factor authentication has been disabled.
Lost access to your authenticator app?
If you lost your phone or can no longer access your authenticator app, you can disable two-factor authentication using a recovery email.
1. Go to the sign-in page and enter your email and password.
2. On the verification code screen, click **Lost access to your authenticator?**
3. A recovery link will be sent to your email address.
4. Open the email and click the link to disable two-factor authentication. The link is valid for 1 hour.
5. After clicking the link, two-factor authentication is disabled and you can sign in normally.
You can then set up two-factor authentication again with a new authenticator app if you wish.
Important: If you did not request a recovery link, you can safely ignore the email. Your two-factor authentication will remain active.
Frequently asked questions
Can I use two-factor authentication if I signed up with Google or another social login?
Yes. If your account does not have a password (for example, if you signed up with Google), the password step is automatically skipped during setup and removal.
What happens if I enter the wrong code?
You will see an error message and can try again. Codes change every 30 seconds, so make sure you are entering the most recent code from your authenticator app.
Will I get notified when two-factor authentication is enabled or disabled?
Yes. You will receive an email every time two-factor authentication is enabled or disabled on your account. If you did not make the change, secure your account immediately by resetting your password.
Can I use the same authenticator app for multiple accounts?
Yes. Most authenticator apps support multiple accounts. Each account will have its own entry in the app.
I switched to a new phone. What should I do?
If you still have access to your old phone, you can transfer your authenticator entries using the export or transfer feature in your authenticator app.
If you no longer have access to your old phone, use the recovery link option on the sign-in page to disable two-factor authentication, then set it up again on your new phone.