Two-factor authentication (2FA / MFA)

Two-factor authentication (2FA) adds a second layer of security to your account. Even if someone learns your password, they can't log in without your second factor.

TASKTOGO uses TOTP (Time-based One-Time Password) — the same standard used by Google Authenticator, Authy, and 1Password.

Enable 2FA

1. Go to Settings → Security.
2. Click Enable two-factor authentication.
3. Open your authenticator app (Google Authenticator, Authy, Microsoft Authenticator, 1Password, etc.).
4. Scan the QR code shown on screen, or manually enter the setup key.
5. Enter the 6-digit code from your app to confirm the setup.
6. Save your recovery codes — you'll see a list of 10 single-use backup codes. Store them somewhere safe (offline).
7. Click Activate 2FA.

Using 2FA when logging in

After entering your email and password, you'll be asked for a 6-digit code:

1. Open your authenticator app.
2. Find TASKTOGO in the list.
3. Enter the current 6-digit code.

Codes refresh every 30 seconds. If the code is rejected, wait for the next code and try again.

Recovery codes

Recovery codes let you access your account if you lose your authenticator device. Each code can only be used once.

To view or regenerate your recovery codes:

1. Go to Settings → Security → Two-factor authentication.
2. Click View recovery codes (requires your current password).

If you've used all your recovery codes, regenerate a new set from the same screen.

Disable 2FA

1. Go to Settings → Security → Two-factor authentication.
2. Click Disable 2FA.
3. Enter your current password to confirm.

We recommend keeping 2FA enabled. If you lost access to your authenticator app, use a recovery code to log in, then reconfigure 2FA.

I'm locked out

If you've lost both your authenticator device and your recovery codes, contact support@tasktogo.com from your registered email address. Identity verification will be required before access is restored.