Security Settings
The Security page (Sidebar → Profile → Security) is where you set up two-factor authentication (2FA) and manage your account security.
Two-Factor Authentication (2FA)
Two-factor authentication adds a second verification step when you log in — even if someone has your password, they cannot access your account without your phone.
Why enable 2FA?
- Protects your account if your password is ever leaked or guessed
- Required by some organisations for compliance
- Available to all users, free of charge
Two methods
The Archiver supports two ways to receive your verification code:
Authenticator App — Recommended
Uses an app on your phone to generate a code. Works with Google Authenticator, 1Password, Authy, Bitwarden, Microsoft Authenticator, and others.
- ✅ Works offline
- ✅ EU-resident — no data leaves our servers
- ✅ Works anywhere you have your phone
- ❌ If you lose your phone, you'll need your backup codes
Text Message (SMS)
Sends a one-time code to your mobile number by text.
- ✅ Works with any phone — no app needed
- ⚠️ Not EU-resident — SMS is processed outside the EU. If your organisation has strict data residency requirements, use the authenticator app instead
- ❌ Requires phone signal to receive the code
Setting up 2FA
Step 1: Choose a method
Click Set Up Two-Factor Authentication and choose either Authenticator App (TOTP) or Text Message (SMS).
If TOTP:
- A QR code appears on screen
- Open your authenticator app (Google Authenticator, 1Password, Authy, etc.)
- Scan the QR code, or paste the key manually
- Enter the 6-digit code shown in your app
- Click Verify
If SMS:
- Enter your mobile phone number (including country code, e.g.
+447123456789) - Click Send Code
- A code arrives by text message
- Enter it and click Verify
Step 2: Save your backup codes
After verification, ten one-time backup codes appear on screen. These are shown only once.
- Download, print, or save them somewhere safe (password manager, secure note, paper)
- Each code works once and cannot be reused
- If you lose your phone / authenticator, you'll need these codes to log in
- Do not share these codes with anyone
Once you close this screen, the codes are not shown again. If you lose them, you'll need to contact support or an organisation admin to reset 2FA.
Using 2FA at login
When 2FA is enabled:
- Log in with your email and password as normal
- On the "Verify your identity" screen, enter your code
- TOTP: the 6-digit code from your authenticator app
- SMS: the 6-digit code sent to your phone
- Click Verify
Lost your device? On the login screen, click "Lost access to your authenticator?" to use a backup code instead.
Changing your 2FA method
If you want to switch from SMS to TOTP (or vice versa), you'll need to disable 2FA first, then re-enrol with the new method.
- Go to Security → Two-Factor Authentication
- Click Disable Two-Factor Authentication
- Re-enter your password (security step)
- Click Set Up Two-Factor Authentication and choose the new method
Disabling 2FA
To turn off two-factor authentication:
- Go to Security → Two-Factor Authentication
- Click Disable Two-Factor Authentication
- Re-enter your password (security step)
- Confirm
After disabling, you'll only need your password to log in.
Requiring 2FA for your organisation
Admin-only (Team / Enterprise plans)
If you're an organisation admin, you can require all members to set up 2FA.
Go to Admin → Organisation → Settings → Require Two-Factor Authentication and toggle it on. Members will see a prompt to set up 2FA the next time they log in.
- Members can choose TOTP or SMS
- Admins can reset a member's 2FA if they're locked out — go to Admin → Members, find the member, and click Reset 2FA
If you're locked out
- Lost your phone or backup codes? Contact support@archivers.ai and we'll help you regain access.
- An organisation admin? You can reset a member's 2FA from Admin → Members.
See also
- Your profile — display name, password, AI & Defaults
- Organisation overview — org-level settings including 2FA enforcement