What is Two-Factor Authentication? How do I use it?

We use two-factor authentication to keep your Substack account secure. If enabled on your account, you'll need more than just your password to log in.

What's two-factor authentication?

Two-factor authentication (also called “2FA” ) gives your account two layers of protection. To sign into Substack:

  • You'll log in by requesting a sign in link to your email or log in using your password.
  • You'll then be asked to enter a confirmation code found on the authenticator app.

Tip: An authenticator app is an app you can find on the App Store or Google Play, such as Google Authenticator or 1Password

How do I set up two-factor authentication?

On your account Settings page:

1. Enable recovery questions which can be used in the event you lose access to your email or authenticator app.

2. Once you've set up your questions, click "Enable" under Two-Factor Authentication.

3. Open the authentication app of your choice and scan the QR code to link it to your Substack account.

4. The authentication app will display a confirmation code.

5. Enter the 6-digit confirmation code on Substack and click "Submit".

Once enabled, you'll be asked to enter a new code every time you log into your Substack account. The authentication app will generate a new code every 30 seconds.

Note: Lost access to the device that's linked to your Substack two-factor authentication? Please contact our Trust & Safety team as the first step you can take to recover your Substack account.

Was this article helpful?
41 out of 119 found this helpful

Articles in this section

See more
Need more help?
Submit a request to our Support team and we'll be glad to help!