Setting Up Two-Factor Authentication

Add an extra layer of security to your account with two-factor authentication (2FA).

What is Two-Factor Authentication?

Two-factor authentication (also called 2FA or MFA) requires two forms of identification to log in:

1. Something you know: Your password
2. Something you have: A code from your phone

This makes your account much more secure, even if someone discovers your password.

Why Use Two-Factor Authentication?

Security benefits:

• Protects your account from unauthorized access
• Prevents someone from logging in with just your password
• Safeguards your club’s data and member information
• Recommended especially for club officers

Peace of mind:

• Know that your account is protected
• Reduce risk of account compromise
• Industry-standard security practice

Before You Begin

You’ll need:

• A smartphone (iPhone or Android)
• An authenticator app installed:
  • Google Authenticator (iOS or Android)
  • Microsoft Authenticator (iOS or Android)
  • Authy (iOS or Android)
  • Any TOTP-compatible authenticator app

Setting Up Two-Factor Authentication

Step 1: Access Security Settings

1. Log in to The Club Schedule
2. Click your name in the top-right corner
3. Select Profile or Account Settings
4. Click on the Security tab
5. Find the “Two-Factor Authentication” section

[Screenshot: Profile menu and Security settings page]

Step 2: Enable Two-Factor Authentication

1. Click Enable Two-Factor Authentication
2. You’ll see a QR code on your screen
3. Keep this page open – you’ll need it in the next step

[Screenshot: QR code display screen]

Step 3: Scan the QR Code

1. Open your authenticator app on your phone
2. Tap the + or Add button
3. Choose Scan QR Code
4. Point your phone’s camera at the QR code on your screen
5. The app will automatically add The Club Schedule

Can’t scan the code?

• Look for “Enter code manually” option in your app
• Enter the text code shown below the QR code
• Set the account name to “The Club Schedule”

[Screenshot: Authenticator app showing scanned account]

Step 4: Enter Your First Code

1. Look at your authenticator app
2. You’ll see a 6-digit code for “The Club Schedule”
3. Enter this code in the verification field on your computer
4. Click Verify and Enable

[Screenshot: Verification code entry field]

Step 5: Save Your Backup Codes

After enabling 2FA, you’ll see backup codes:

1. Copy these codes and save them somewhere safe
2. These codes let you log in if you lose your phone
3. Each code works only once
4. Store them securely:
   • Password manager (recommended)
   • Secure note on another device
   • Printed and stored in a safe place

[Screenshot: Backup codes display]

Logging In with Two-Factor Authentication

Once 2FA is enabled, your login process changes:

The New Login Process

1. Go to The Club Schedule login page
2. Enter your email and password as usual
3. Click Log In
4. You’ll see a new screen asking for your authentication code
5. Open your authenticator app
6. Enter the 6-digit code shown
7. Click Verify
8. You’re logged in

[Screenshot: Two-factor authentication code entry page]

The Code Keeps Changing

• Codes are valid for 30 seconds
• A new code appears every 30 seconds
• If a code doesn’t work, wait for the next one
• The countdown timer in your app shows time remaining

“Remember This Device” Option

When logging in, you may see:

• Checkbox: “Trust this device for 30 days”
• If checked, you won’t need a code on this device for 30 days
• Only use this on personal devices you trust
• Don’t use on shared or public computers

[Screenshot: Remember device checkbox]

Managing Two-Factor Authentication

Viewing Your 2FA Status

To check if 2FA is enabled:

1. Go to Profile > Security
2. Look for the “Two-Factor Authentication” section
3. Status shows “Enabled” or “Disabled”

Generating New Backup Codes

If you’ve used your backup codes:

1. Go to Profile > Security
2. Find “Two-Factor Authentication” section
3. Click Generate New Backup Codes
4. Your old backup codes become invalid
5. Save the new codes securely

Disabling Two-Factor Authentication

To turn off 2FA:

1. Go to Profile > Security
2. Find “Two-Factor Authentication” section
3. Click Disable Two-Factor Authentication
4. Enter your password to confirm
5. 2FA is now disabled

Troubleshooting

Best Practices

Security

• Keep backup codes secure – Store in a password manager or safe place
• Don’t share codes – Never give your 2FA codes to anyone
• Use unique passwords – Combine 2FA with a strong, unique password
• Update your phone number – Keep contact info current in case of account recovery

Device Management

• Don’t trust public computers – Never select “Remember this device” on shared computers
• Secure your phone – Use a passcode/biometric lock on your phone
• Update regularly – Keep your authenticator app updated
• Multiple devices – Consider setting up 2FA on multiple devices for redundancy

Backup Planning

• Save backup codes immediately – Don’t skip this step
• Test a backup code – Verify one works before you need it (it will be consumed)
• Generate new codes periodically – Refresh your backup codes every few months
• Store securely – Use a password manager or encrypted storage

For Club Officers

If you’re a club officer, we strongly recommend enabling 2FA because:

• You have access to member data
• You control club schedules and settings
• You manage billing and subscription
• Your account security affects the entire club

Tips

• Set up during low-stress time – Don’t wait until you have urgent club business
• Test it immediately – Log out and back in to ensure it works
• Save backup codes – This is the most important step
• Keep authenticator app updated – Updates often include security improvements
• Consider multiple backup options – Use both digital and physical backup code storage

Related Articles

• Account Settings
• Privacy and Data Rights
• Officer Roles and Permissions
• Recovering Your Account