FAQ / Two-factor authentication (2FA)
What authenticator app can I use?
2FA can be used with any authenticator app such as Google Authenticator, Authy, or Duo Mobile.
What is Two-factor authentication?
Two-factor authentication (2FA) is a way of authenticating a user through the use of two different factors. These factors are typically something a user knows (e.g. a password) and something they have (e.g. a mobile phone) or something they are (e.g. biometric information). 2FA adds another layer of protection to an account as it means you need both of these factors to access the account.
Once 2FA is enabled for a Contentful user, they will be prompted for their password and then for a code from an authenticator app.
Can I use SMS as a second factor?
Due to the prevalence of SIM jacking (also known as SIM swapping or SIM splitting), current security best practices do not encourage SMS authentication for 2FA. Accordingly, Contentful does not support SMS as a second factor. You can learn more in this recent report and on this podcast.
How do I enable 2FA?
1. On your user profile page, click “Enable 2FA”.
2. Scan the QR code using your authenticator app. Alternatively, use the manual code provided.
3. Enter the code your authenticator app has provided and click “Enable”.
Is 2FA available for all customers?
Yes. 2FA is available free of charge for all customers.
How do I disable 2FA?
1. On your user profile page, click “Disable”.
2. Click “Disable” on the confirmation prompt.
What happens if I lose my phone?
Please contact support using the email address for the account that you want to recover.
How can I see which users have 2FA enabled in my organization?
Admins can see which users have enabled 2FA on the Users tab within Organizational Settings. There is a column labelled 2FA status, which shows Enabled for any user who has enabled 2FA within your organization. There will be no text if the user has not enabled 2FA or is ineligible for it.