HomeSecurity & AdminSetting Up Two-Factor Authentication

Setting Up Two-Factor Authentication

Protect staff accounts with 2FA using authenticator apps and backup codes.

Enabling 2FA

  1. Go to your Profile > Security settings.
  2. Click Enable Two-Factor Authentication.
  3. Scan the QR code with an authenticator app (Google Authenticator, Authy, or 1Password).
  4. Enter the 6-digit code displayed in your app to verify the setup.

Backup Codes

After enabling 2FA, SteepleOS generates 10 one-time backup codes.

  • Save these immediately in a secure location (password manager, printed in a safe).
  • Each backup code can only be used once.
  • If you run out of backup codes, you can regenerate a new set from Profile > Security, which invalidates all previous codes.

What Happens If You Lose Your Device

If you lose access to your authenticator app:

  1. Use one of your backup codes to log in.
  2. Once logged in, go to Profile > Security and click Reset 2FA.
  3. Set up 2FA again with your new device.
  4. If you have no backup codes, contact your Church Owner or Admin. They can temporarily disable 2FA on your account from Admin > Users.

Requiring 2FA for All Staff

Church Owners can enforce 2FA organization-wide under Admin > Security Policies > Require 2FA. When enabled, staff members who have not set up 2FA will be prompted to do so on their next login.

Was this article helpful?

Keep reading

Security & Admin

Role-Based Access Control (RBAC)

Assigning administrative access securely.

Security & Admin

Understanding Audit Logs

Review a detailed record of all actions taken within your organization.

Security & Admin

API Keys & Webhooks

Generate API keys, configure webhook endpoints, and test with curl.

Security & Admin

Data Privacy & Security

How SteepleOS protects member data with encryption, retention policies, and compliance.

Still stuck?

Open the green Help button in the bottom-right corner — our support assistant can walk you through this step by step.

Browse all articles