Discourse allows us to make use of Two-Factor Authentication, which is a great security measure to prevent users from logging in as you with out authorization. To set it up, follow the instructions below:
Note: You cannot utilize “Sign in with Google” or “Sign in with Discord” functionality with 2FA enabled.
-
Head to your preferences:
-
Scroll down and select “Manage Two-Factor Authentication”
-
Re-enter your password:
-
You can utilize a hardware security key, however since most of us will not be using such a device, we’re only going to be working with a Token-Based Authenticator, so press “Add Authenticator”
-
There are many authentication apps, however the top two are Authy or Google Authenticator. Either one will do. Open the Authenticator app on your phone, and press the button to add a login. Scan the QR code provided by Discourse.
-
When ready, type in a name for the app you use, and type in the current code provided by your Authenticator app. This changes every 30 seconds, so type quick!
-
Press enable, and you’re good! You may want to consider making and keeping track of backup codes, so that if your Authenticator app fails for some reason, you can still access your account.
Now, every time you sign in to a new device, you’ll need to enter an Authentication code provided by your app.