- Settings → Password, 2FA & Sessions.
- Click 'Set up 2FA' — a QR code + secret string appears.
- Open your authenticator app (Google Authenticator, Authy, 1Password, etc.) and either scan the QR or paste the secret.
- Type the 6-digit code your app shows and click 'Verify & enable'.
If you ever lose your device, you'll need your password + the secret string we showed during setup to recover. Save it in a password manager.