What are the authentication methods to secure my account?

Multi-Factor Authentication is necessary to secure your account against password breaches, phishing attacks, and to enhance data security.

There are 2 ways of adding Multi-Factor Authentication to your account:

1. Passkey

• What it is: A phishing-resistant login method based on public-key cryptography. Your device creates a key pair; the private key stays on your device (or in your platform keychain) and never gets shared.

• How you use it: Usually just Face ID / Touch ID / device PIN (or a hardware key). No codes.

• What the server stores: Only the public key.

• Best for: Replacing passwords or acting as the strongest form of “2FA” because it can’t be replayed and is tied to the legitimate site.

• Not great for: logging in with multiple devices. Passkeys are stored on the device, which means you will be required to set a passkey for every device you use. You can set up multiple passkeys in your account.

2. Authenticator app (TOTP)

• What it is: An app that generates time-based one-time codes (typically 6 digits) from a shared secret set up during enrollment.

• How you use it: Type the code after entering your password.

• What the server stores: A copy/derivation of the shared secret (or data to verify codes).

• Best for: Adding a second factor where passkeys aren’t available; widely supported. Also recommended when using your account on multiple devices.

Related Articles:

• How do I set up Multi-Factor Authentication or 2FA?
• How do I manage passkeys or authenticators?
• How do I set up multiple passkeys?
• How do I change my default authenticator?