How to Set Up Multi-Factor Authentication (MFA)

Add an extra layer of security to your Zuro account with Multi-Factor Authentication (MFA). MFA requires a second verification step when logging in, making your account more secure.

What is MFA?

Multi-Factor Authentication adds a second verification step to your login process. Even if someone has your password, they can't access your account without the second factor.

MFA Methods

Zuro supports two MFA methods:

TOTP (Authenticator App)

• Use apps like Google Authenticator, Authy, or Microsoft Authenticator
• Generate time-based codes
• Works offline
• Most secure option

Email MFA

• Receive verification codes via email
• Easier to use
• Requires email access
• Good for users who prefer email

Setting Up MFA

Step 1: Access MFA Settings

1. Log in to your Zuro account
2. Go to Settings → Security → Multi-Factor Authentication
3. Click "Set Up MFA"

Step 2: Choose Your Method

Select either:

• TOTP (Authenticator App) - Recommended for most users
• Email MFA - Easier option if you prefer email

Step 3: Complete Setup

For TOTP:

1. Install an authenticator app on your phone
2. Scan the QR code with your app
3. Enter the 6-digit code to verify
4. Save your backup codes (important!)
5. Click "Enable MFA"

For Email:

1. Verify your email address is correct
2. Click "Enable MFA"
3. You'll receive codes via email when logging in

Using MFA

Logging In

1. Enter your email and password
2. You'll be prompted for your MFA code
3. TOTP: Open your authenticator app and enter the 6-digit code
4. Email: Check your email for the code and enter it
5. Complete login

Backup Codes

Backup codes let you access your account if you lose access to your MFA method:

• Generate codes: Settings → Security → Multi-Factor Authentication → "Regenerate Backup Codes"
• Save securely: Store in a password manager or secure location
• One-time use: Each code can only be used once
• Generate new ones: Create new codes anytime (old ones become invalid)

Managing MFA

Disable MFA

1. Go to Settings → Security → Multi-Factor Authentication
2. Click "Manage MFA Settings" (or go to /account/settings/mfa)
3. Click "Disable MFA"
4. Enter your password to confirm
5. MFA is removed from your account

Change MFA Method

1. Disable your current MFA method
2. Set up the new method
3. Enable MFA with the new method

Regenerate Backup Codes

1. Go to Settings → Security → Multi-Factor Authentication
2. Click "Manage MFA Settings" (or go to /account/settings/mfa)
3. Click "Regenerate Backup Codes"
4. Save the new codes immediately
5. Old codes will no longer work

Troubleshooting

Lost Access to Authenticator App

• Use your backup codes to log in
• Disable MFA and set it up again
• Contact support if you don't have backup codes

Not Receiving Email Codes

• Check your spam folder
• Verify your email address is correct
• Wait a few minutes and request a new code
• Check email service isn't blocking Zuro emails

Backup Codes Not Working

• Make sure you're using the most recent codes
• Each code can only be used once
• Generate new codes if needed

Best Practices

• Use TOTP for better security: Authenticator apps are more secure than email
• Save backup codes: Store them in a secure password manager
• Keep codes updated: Regenerate backup codes periodically
• Don't share codes: Never share your MFA codes or backup codes