You want to feel safe and secure in everything you do in life, particularly when it comes to your personal data. That’s why we’ve implemented several security measures to protect your Todoist account.
About two-factor authentication
Two-factor authentication or 2FA adds an extra layer of security to your account by requiring you to use a third-party authentication app when logging into your account.
After entering your account email address and password, Todoist will ask for a 6-digit one-time passcode. Your preferred third-party authentication app generates this passcode for you.
If you’ve enabled 2FA on your account, you’ll be prompted to use a one-time passcode for a variety of actions:
- Log in to your Todoist account
- Turn off 2FA
- Change your email address in your Todoist account
- Download a backup of your account
- Delete your Todoist account
- View your recovery codes
Quick tip
If you’ve lost access to your authentication app and the one-time passcode, learn how to request a recovery code.
Todoist supports authentication apps installed on your mobile device. If you don’t already have an authentication app, like Authy or Google Authenticator, make sure to install one before setting up 2FA for your account.
Turn on two-factor authentication
- Log in to Todoist in a browser.
- Click your avatar in the top-left.
- Click Settings.
- Select Account in the left-hand menu.
- Click the toggle below Two-factor authentication.
- Scan or copy the secret code you see to your authentication app.
- Enter the verification code. You'll see a confirmation notice that verification is complete.
- Click Continue in the bottom-right side.
- Scroll down to Save your recovery codes and click Copy all codes.
- Click Continue.
Quick tip
Save your recovery codes in a secure place. If you ever get logged out of your account, you may need them to get back in.
2FA is now enabled on your account. If you don’t see your 2FA settings, learn how to troubleshoot this issue.
Turn off two-factor authentication
- Log in to Todoist in a browser.
- Click your avatar in the top-left.
- Click Settings.
- Select Account in the left-hand menu.
- Scroll down to Two-factor authentication and toggle the setting Off.
- Enter a one-time passcode from your authentication app.
Get more help
If you’re having trouble setting up or using two-factor authentication for your Todoist account, learn how to troubleshoot issues with your 2FA setup.
Physical security keys for 2FA aren’t supported yet. Share this as a feature request.