---
title: Two-Factor Authentication for Your Account
shortDescription: Set up two-factor authentication on your Fourthwall account with passkeys or an authenticator app to protect your login.
articleType: Setup Guide
primaryTopic: two-factor-authentication
categories:
  - Account Management
tags:
  - two-factor-authentication
  - 2fa
  - account-security
  - passkeys
  - authenticator-app
  - login-security
  - biometric
  - account-protection
tasks:
  - Enable two-factor authentication on your account
  - Add a passkey for biometric login
  - Set up an authenticator app for 2FA
  - Add a backup 2FA method
  - Remove a two-factor authentication method
  - Recover access after losing a 2FA method
terms:
  - two-factor authentication
  - 2FA
  - two factor
  - 2 factor authentication
  - account security
  - passkey
  - authenticator app
  - TOTP
  - biometric login
  - login verification
  - secure account
  - account lockout
  - two step verification
  - 2SV
labels:
  - account-security
  - authentication
  - login
contextString: Available on all plans. Set up via Dashboard > Account > Security.
breadcrumbPath: "Getting started > Setting up your shop > Get started > Two-Factor Authentication for Your Account"
relatedModules:
  - name: account-security
    route: /admin/dashboard/account/security
path: getting-started/setting-up-your-shop/get-started/two-factor-authentication-for-your-account
last_updated: '2026-04-25'
---

# Two-Factor Authentication for Your Account

Two-factor authentication (2FA) requires a second verification step when you sign in, keeping your account protected even if your password is compromised. Fourthwall supports two methods: passkeys (biometric or hardware keys) and authenticator apps. Keep at least two methods active so you can always regain access.

## Set up two-factor authentication

Go to **Account** > **Security** at https://my-shop.fourthwall.com/admin/dashboard/account/security/?redirect in your dashboard. Choose a method and click **Set up**:

- **Passkeys.** Biometric or hardware key authentication using fingerprint, face ID, or a physical security key. No code entry required.
- **Authenticator app.** A time-based one-time password (TOTP) app like Google Authenticator, Authy, or 1Password generates a 6-digit code you enter at login.

Follow the on-screen steps to complete setup.

Important: After setting up your first 2FA method, add a second one as a backup. If you lose access to your only 2FA method, recovering your account requires contacting support.

## Add a backup method

Once you have one 2FA method active, a **Set up another** link appears next to each method type. Click it to add a second option. Having at least one passkey and one authenticator app gives you a fallback if you change devices or lose access to one method.

## Remove a two-factor authentication method

Go to **Account** > **Security** and click the delete icon next to the method you want to remove. You can only remove a method if at least one other method remains active. To disable 2FA entirely, or if you are locked out, contact support@fourthwall.com.

## What to do if you're locked out

If you can't access any of your 2FA methods, contact support@fourthwall.com with your account email and any verification details.

To prevent lockouts:

- Register at least two 2FA methods before you need them.
- If you're switching phones, add the new device to your authenticator app before removing the old one.

## Frequently asked questions

## Does 2FA affect my password reset?

No. Password reset happens on the login screen before 2FA is checked. See the Reset your password article for steps.

## Can I use the same authenticator app on a new phone?

Yes, if you transfer your authenticator app data during a phone migration. If you set up a new phone without migrating, add it as a new 2FA method while you still have access to your old device. Do this before switching phones.

## Is 2FA required?

2FA is optional. Fourthwall recommends enabling it, especially for high-volume shops or accounts shared with team members.

## Does 2FA apply to team members?

Each team member logs in with their own credentials. 2FA is per-account, so team members manage their own 2FA in their own account settings.
