Enabling 2FA addresses security vulnerabilities presented by a standard password-only approach. It also adds an additional security layer to your account. This allows us to confirm that the request is really coming from you.

This feature is available to all non-OAuth users (that is, users who don't log in using the Sign in with Google/Github buttons)

We recommend enabling 2FA as a best practice.

How Do I Enable 2FA?

Sign in to the Pusher Dashboard and navigate to Account>Account.

Scroll down and click the Enable button under Two-factor Authentication

A QR code will be presented: scan the QR code with your authenticator app.

Enter the code generated by the authenticator app, along with your password and click Enable. If both the code and the password are correct then 2fa will be enabled.

Once enabled you will be presented with backup codes that can be used to access your account in the event you lose access to your authenticator app. Ensure you securely store a copy of these codes: access to your account cannot be guaranteed if you lose both your authenticator app and these backup codes.