Multi-factor authentication

import { Steps } from ‘@astrojs/starlight/components’;

Multi-factor authentication (MFA) adds a second step to sign-in, so a password alone is not enough to reach your account. Veona asks for your second factor after you enter your email and password.

Methods Veona supports

• Authenticator app (TOTP) — a 6-digit code from an app such as Google Authenticator, refreshed every 30 seconds. This is the primary method.
• Backup codes — single-use codes you generate and keep somewhere safe, for when you cannot use your authenticator app.
• Email OTP — a one-time code sent to your email.
• SMS OTP — a one-time code sent by text, available if your phone number is verified.
• Passkey (WebAuthn) — a hardware security key or your device’s built-in biometric / screen lock.

Enrolling in two-factor

You set up two-factor during first-time onboarding, and you can manage your methods later from your account security settings.

1. Open your account security settings (or follow the Two-factor step during onboarding).

2. Add the key shown for your authenticator app, then enter the 6-digit code the app generates to confirm enrolment.

3. Generate and save your backup codes. Store them somewhere safe — each code works only once.

4. Optionally add a passkey for passwordless second-factor on a trusted device.

Using two-factor at sign-in

After your email and password are accepted, you are prompted for a 6-digit code. Enter the code from your authenticator app (or the code sent to you) to finish signing in.

Recovering with backup codes

If you cannot use your usual second factor — for example, you have lost your phone — enter one of your backup codes at the two-factor prompt instead. Each backup code works only once, so regenerate a fresh set from your security settings afterwards if you are running low.

Note

Two-factor events — enabling, disabling, challenges, backup-code use, and passkey changes — are recorded in your account’s security activity.