Two-Factor Authentication (2FA)

To strengthen the security of your ZeroSSL account, we recommend enabling Two-Factor Authentication (2FA). This adds an extra layer of protection by requiring a verification code in addition to your password when logging in.

Good to know: 2FA is available to all ZeroSSL users—existing and new, free and paid. As a security feature, it’s provided at no cost because protecting your account should never be a premium option.

🔐 How to Set Up 2FA

  1. Go to Your Account Settings
    Log in to your ZeroSSL account and navigate to the Account section.
  2. Click on “Setup 2FA”
    You’ll find the option to enable 2FA. Click it to begin the setup process.

  3. Use an Authenticator App
    Choose a trusted app such as:

    • Google Authenticator
    • Microsoft Authenticator
    • Authy

    Scan the QR code displayed on your screen using the app, or manually enter the setup key provided.

  4. Save Your Backup Codes
    ZeroSSL will generate 20 backup codes for emergency access.

    Important: Store these codes in a secure location. You’ll need them if you lose access to your authenticator app.

✅ Logging In with 2FA

Once 2FA is enabled, each time you log in, you’ll be prompted to enter the code generated by your authenticator app. This ensures that only you can access your account—even if someone else knows your password.
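
What an authenticator app computes from the setup key in step 3, and how a login code can be checked against it, shown as an added example (not ZeroSSL's code). It assumes the common RFC 6238 defaults (HMAC-SHA-1, 30-second steps, 6 digits), which this page does not state; the sample key is the RFC test secret and the function names are illustrative.

```python
import base64
import hashlib
import hmac
import struct
import time

# Constructed sample: the RFC 6238 test secret, Base32-encoded like a setup key.
SAMPLE_SETUP_KEY = base64.b32encode(b"12345678901234567890").decode()


def decode_setup_key(setup_key: str) -> bytes:
    """Decode a Base32 setup key as typed by hand (spaces, lower case, no padding)."""
    cleaned = setup_key.replace(" ", "").replace("-", "").upper()
    cleaned += "=" * (-len(cleaned) % 8)  # restore stripped Base32 padding
    return base64.b32decode(cleaned)


def totp(setup_key: str, at: float, step: int = 30, digits: int = 6) -> str:
    """Code for the time step containing `at` (assumed HMAC-SHA-1 parameters)."""
    counter = int(at) // step
    key = decode_setup_key(setup_key)
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation, RFC 4226 section 5.3
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def verify(setup_key: str, submitted: str, at: float,
           step: int = 30, drift_steps: int = 1) -> bool:
    """Accept the current step or one step either side, to tolerate clock drift."""
    ok = False
    for delta in range(-drift_steps, drift_steps + 1):
        expected = totp(setup_key, at + delta * step, step)
        # Constant-time comparison; every candidate is checked, no early exit.
        ok |= hmac.compare_digest(expected.encode(), submitted.encode())
    return ok


if __name__ == "__main__":
    now = time.time()
    code = totp(SAMPLE_SETUP_KEY, now)
    print("current code:", code, "valid:", verify(SAMPLE_SETUP_KEY, code, now))
```

The code depends only on the setup key and the clock, so anyone who obtains the setup key or QR code can generate valid codes; treat it like the backup codes.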


🛠️ Recommended Tools for Managing 2FA

To make managing your 2FA codes easier and more secure, consider one of the following tools for generating and storing one-time passcodes (OTP):

  • Authenticator Apps – Such as Google Authenticator, Microsoft Authenticator, or Authy.
  • Password Vaults – Like 1Password, Bitwarden, or LastPass, which support storing TOTP codes securely.
  • Any TOTP-Compatible Device or Program – Including desktop apps, browser extensions, or hardware tokens like YubiKey (if configured for TOTP).
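
Tip: Using a password manager with 2FA support allows you to securely store both your login credentials and your 2FA codes in one place. Because the vault then holds both factors, protect it with a strong master password and a second factor of its own.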

🛡️ Best Practices for 2FA

  • Enable 2FA on all critical accounts (email, cloud services, developer tools).
  • Use a unique password for each account, stored securely in a password manager.
  • Keep backup codes in a secure, offline location (e.g., encrypted USB or printed copy).
  • Regularly review and update your recovery options.

📋 Track Account Activity with Audit Logs

For users on paid ZeroSSL plans, the Audit Log feature provides a detailed history of account activity, including:

  • Successful and failed login attempts
  • Enabling or disabling 2FA
  • Changes to account data (e.g., email address, billing info)

Note: Audit Logs are only available on paid plans.

🔒 Locked Out of Your Account?

If you're unable to access your account due to lost access to your authenticator app or backup codes, please contact our support team for assistance.

Important: For security reasons, account recovery may require identity verification. The support team will guide you through the process.

Need help? Visit our support article or contact our support team.

