Two-factor authentication

Two-factor authentication adds a second step to your sign-in process. After entering your password, you'll also need to enter a temporary code generated by an authenticator app on your phone or device.

This means that even if someone learns your password, they can't access your account without also having your authenticator app.

Biller uses TOTP (Time-based One-Time Password) authentication, which is supported by popular apps including:

• Google Authenticator
• 1Password
• Authy
• Any other TOTP-compatible authenticator app

To enable two-factor authentication:

1. Go to Settings > Security
2. Click Enable two-factor authentication
3. Open your authenticator app and scan the QR code displayed on screen, or enter the setup key manually
4. Enter the 6-digit code from your authenticator app to confirm the setup
5. Save your recovery codes in a safe place (more on this below)

Once confirmed, 2FA is active on your account immediately.

When 2FA is enabled, the sign-in process has two steps:

1. Enter your email and password as usual
2. Enter the 6-digit code from your authenticator app

The code changes every 30 seconds. Make sure you enter the current code shown in your app.

When you enable 2FA, Biller gives you 8 recovery codes. These are backup codes you can use to sign in if you lose access to your authenticator app.

Each recovery code can only be used once. After using a code, it's consumed and can't be used again.

Store your recovery codes somewhere safe and separate from your authenticator device -- for example, in a password manager or printed and kept in a secure location.

To turn off two-factor authentication:

1. Go to Settings > Security
2. Click Disable two-factor authentication
3. Enter your password to confirm

Once disabled, you'll only need your email and password to sign in. Your recovery codes will be invalidated.