Introducing two-factor authentication


Your Schedulin account is the key to every channel you've connected — the accounts you publish to, the drafts your team is working on, the analytics you rely on. That's a lot to sit behind a single password. So we've added two-factor authentication (2FA).
It's opt-in. If you don't turn it on, nothing changes. If you do, signing in takes one extra step: a 6-digit code that only your phone can generate.
How it works
Two-factor authentication pairs something you know (your password) with something you have (your phone). Even if your password leaks, an attacker can't get in without the rotating code from your authenticator app.
We built it on the same standard (TOTP) that your bank and GitHub use, so it works with any authenticator app you already have:
- Google Authenticator
- 1Password
- Authy
- Microsoft Authenticator
- …or any other TOTP app
Turning it on
- Go to Settings → Profile.
- Find Two-factor authentication and click Enable.
- Confirm your password.
- Scan the QR code with your authenticator app.
- Enter the 6-digit code to confirm.
- Save your backup codes somewhere safe.
That's it. The next time you sign in, we'll ask for a code after your password.
Backup codes
When you enable 2FA, we give you a set of one-time backup codes. If you ever lose your phone, each code gets you back into your account once. Keep them somewhere separate from your phone — a password manager is ideal. You can regenerate a fresh set anytime from settings.
Trust your own devices
Entering a code on every sign-in gets old on a laptop you use every day. Check Trust this device for 30 days at the prompt and we'll skip the second step on that device for a month. Public or shared computer? Leave it unchecked.
Get started
Two-factor authentication is available now for everyone. It takes about a minute to set up, and it's one of the highest-leverage things you can do to keep your account — and your audience — safe.
Enable it in your settings, or read the step-by-step guide first.