Two-Factor Authentication
Two-factor authentication (2FA) adds a second layer of security to your BostonBargains account. With 2FA turned on, signing in requires both your password and a temporary 6-digit code from an authenticator app on your phone. Even if someone learns your password, they can't get in without your phone.
2FA on BostonBargains is optional. You can turn it on or off at any time from your account settings.
What you'll need
A free authenticator app on your smartphone. Any of these work:
- Google Authenticator (iPhone & Android)
- Microsoft Authenticator, Authy, 1Password, or any other TOTP app
How to set it up
- On your phone, install Google Authenticator from the App Store or Google Play.
- On BostonBargains, go to Dashboard → Two-factor auth (or Profile & Settings → Security).
- Click Set up two-factor authentication. A QR code and a manual key will appear.
- In the authenticator app, tap + (add account) and choose Scan a QR code. Point your camera at the QR code on screen. If you can't scan, choose Enter a setup key and type the manual key shown.
- The app will start showing a 6-digit code that changes every 30 seconds.
- Back on BostonBargains, type the current 6-digit code into the box and click Verify & enable 2FA.
- You'll be shown a set of backup codes — save them somewhere safe (see below). That's it; 2FA is now on.
🔑 About your backup codes
When you enable 2FA we give you ten one-time backup codes. If you ever lose your phone or can't open your authenticator app, you can enter one of these codes instead of the 6-digit code to sign in. Each backup code works only once. Keep them somewhere safe and private — a password manager is ideal. You can regenerate a fresh set at any time from the Security tab (which immediately invalidates the old set).
Signing in with 2FA
After 2FA is enabled, signing in has one extra step:
- Enter your email and password as usual.
- When prompted, open your authenticator app and enter the current 6-digit code (or a backup code).
- You're in. The code is only needed at sign-in, not on every page.
Turning 2FA off
Go to Profile & Settings → Security, enter your password, and click Disable 2FA. Your account will go back to password-only sign-in.
Troubleshooting
- "That code wasn't valid." The most common cause is your phone's clock being slightly off. Make sure your phone is set to update the time automatically, then try the current code again.
- Lost your phone? Use one of your backup codes to sign in, then disable or re-set-up 2FA from the Security tab.
- Lost your phone and your backup codes? Use the Report a Problem page (you'll need access to your account email) and our team will help you regain access.
Ready to secure your account?
Set up 2FA now