Set Up Two-Factor Authentication

Two-factor authentication (2FA) adds a second layer of log in security to your Help Scout account. Each User can set up 2FA individually from their profile page. Additionally, account Administrators can require 2FA for all Users on the account.

In this article

How Two-Factor Works

After you enable two-factor authentication, you'll log in to Help Scout with your password, then we'll send a special verification code via text message or your chosen authentication app. If you're not able to get to your app or device, you can enter a recovery code to log in. Each recovery code is unique, and can only be used once to log in.

This setting applies to all devices you use to log in to Help Scout, including the iOS and Android mobile apps.

Note: If you're using SAML or your Google account to log in to Help Scout, two-factor authentication will not be available. Use the service you're using to log in with for two-factor authentication. For example, if you're signing in with your Google account, you'd go through the 2FA process on the Google side before logging in to Help Scout.

Before You Begin

If you would like to use an authenticator app (e.g. Google Authenticator or Authy) or a hardware authenticator (e.g. Yubikey), you'll want to have those apps set up and ready to add a new login.

Enable Two-Factor Authentication


Log in to Help Scout, then click your avatar or initials in the top right corner and choose Your Profile.


Click Authentication in the left hand sidebar. On the Security tab, flip the toggle to enable 2FA. Confirm your password to move to the next step.

Select Authenticator App to use an authenticator app or device, or select Text Message to have the codes texted to you. Click Next Step.

The QR code can be used with any authenticator app or device that generates 2FA codes, not just Google Authenticator or Authy!


If you're using an authenticator app or device, you'll see a QR code to scan to add Help Scout. If you selected Text Message, enter your phone number to have a code texted to you.


Enter the 6-digit verification code generated by your authenticator app or that was texted to you, then click Next Step.


Enter a backup number to text in the next step if you chose an authenticator app or device. You can opt to Skip this step if you do not have a text-enabled number to enter, but we highly recommend you add a backup number here in case you were to lose access to your authenticator app or device.

Click Next Step to verify your backup number. And you're all set!

Manage 2FA Settings

Head back to Your Profile > Authentication to disable 2FA, change the primary method you use to authenticate, change your backup number, or view your recovery codes.

Administrators can require 2FA use at Manage > Company > Authentication> Two-Factor Authentication.

Recovery Codes

If you're not able to use your phone, you can use a recovery code to log in. We recommend saving the codes in a password management app, such as 1Password. You can also print them if needed. Each code can only be used one time.

If you generate new codes, remember to save them. Your previous recovery codes become invalid once new codes are generated.

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.