Back to Security & Compliance
Security & Compliance

Enabling Multi-Factor Authentication

Secure your account with two-factor authentication using authenticator apps.

Last updated: 2026-03-01

Enabling Multi-Factor Authentication (MFA)

Two-factor authentication (2FA) adds an extra layer of security to your LiteSOC account. This guide shows you how to enable and manage MFA.

Why Enable MFA?

  • 🔒 Protect against password breaches
  • 🛡️ Required for SOC 2 compliance
  • ✅ Industry security best practice
  • 🚫 Prevents unauthorized access even if password is compromised

Supported Methods

LiteSOC supports TOTP (Time-based One-Time Password) authenticator apps:

  • Google Authenticator (iOS/Android)
  • Authy (iOS/Android/Desktop)
  • 1Password (built-in)
  • Microsoft Authenticator
  • Any TOTP-compatible app

Enabling MFA

Step 1: Access Security Settings

  1. Log in to your LiteSOC Dashboard
  2. Click your profile in the top right
  3. Go to SettingsSecurity

Step 2: Enable Two-Factor Authentication

  1. Find the Two-Factor Authentication section
  2. Click Enable 2FA
  3. Enter your password to confirm

Step 3: Scan the QR Code

  1. Open your authenticator app
  2. Tap Add Account or the + button
  3. Choose Scan QR Code
  4. Point your camera at the QR code on screen

Can't scan? Click "Enter code manually" and type the secret key.

Step 4: Verify Setup

  1. Enter the 6-digit code shown in your authenticator
  2. Click Verify
  3. 2FA is now enabled!

Step 5: Save Recovery Codes

Critical step! You'll be shown 10 recovery codes:

  1. Click Download or Copy
  2. Store them securely (password manager, safe, etc.)
  3. These codes let you log in if you lose your phone

Using MFA to Log In

After enabling MFA, your login flow becomes:

Email → Password → 6-digit code from app → Dashboard

Managing MFA

Regenerate Recovery Codes

  1. Go to SettingsSecurity
  2. Click Regenerate Recovery Codes
  3. Old codes are immediately invalidated
  4. Save your new codes securely

Disable MFA

  1. Go to SettingsSecurity
  2. Click Disable 2FA
  3. Enter your password and a valid 2FA code
  4. Confirm the action

⚠️ Disabling MFA reduces your account security. Only do this temporarily if switching devices.

Best Practices

  1. Use a reputable authenticator - Avoid SMS-based 2FA
  2. Backup your codes - Store recovery codes offline
  3. Enable on all accounts - Use 2FA everywhere you can
  4. Use app backup features - Authy and others support encrypted backup

Lost access to your authenticator? Use a recovery code or contact support.

Related Articles

SOC 2 Compliance Overview

Understand how LiteSOC helps you achieve and maintain SOC 2 compliance.

Was this article helpful? Need more assistance?

Contact Support →API Documentation →