SMS one-time code
Receive a code by SMS when signing in from a new device.
A 6-digit code is sent to your verified phone number when we detect a sign-in from an unrecognised device or location. Your phone number is: Loadingβ¦
Passkey (WebAuthn)
Sign in using Face ID, Touch ID, or a hardware security key β no password needed.
Passkeys let you sign in with biometrics or a hardware key. No password, no OTP β just your device. Once enrolled, you will see a passkey sign-in option where supported.
Authenticator app (TOTP)
Use Google Authenticator, Authy, or any TOTP app for a 30-second rotating code.
Time-based one-time passwords (TOTP) from an authenticator app provide the strongest 2FA β not tied to your phone number or email. This page keeps that future capability visible without changing todayβs auth behavior.
Recovery-code vault
Generate and keep masked backup codes on this device for emergency sign-in recovery.
These codes are stored locally in this browser only. Generating a fresh set rotates the local vault on this device and does not change trust tier, certificate state, or server-side auth rules.
Recent security events
Last sign-ins, 2FA challenges, and security changes.