Two-factor authentication (2FA)

Add a second step at sign-in so a stolen password alone is not enough to reach your PrivateDocs AI account.

What is two-factor authentication?

Two-factor authentication (2FA) adds another factor beyond your password. With an authenticator app, you enter a short, time-based code from your phone after your password. Someone who only knows the password still cannot complete sign-in without that second factor.

Why enable 2FA?

  • Stronger account control: A leaked or guessed password is not sufficient for access.
  • Aligned with sensitive work: If your vault holds legal, financial, or regulated material, 2FA matches how enterprises protect identity elsewhere.
  • Low ongoing effort: After setup, you only enter a code when you sign in (or when your session expires).

What you need

  • Your PrivateDocs AI account
  • A smartphone (iOS or Android)
  • An authenticator app, for example: Google Authenticator, Authy, Microsoft Authenticator, or a password manager that supports standard time-based codes (such as 1Password or Bitwarden)

Step-by-step setup

1. Install an authenticator app

  1. Open your phone's app store.
  2. Search for an app such as Google Authenticator or Authy.
  3. Install it and complete any first-run setup.

2. Open security settings in PrivateDocs AI

  1. Sign in to your account.
  2. Open the Dashboard.
  3. Find the Security section.
  4. Choose Manage 2FA (the exact label may vary slightly).

3. Start enrollment

  1. Select Enable two-factor authentication (or equivalent).
  2. A QR code appears on screen — keep this page open until you finish.

4. Scan the QR code

  1. Open your authenticator app.
  2. Use Add account or Scan QR code.
  3. Point the camera at the QR code on your computer screen.

If scanning fails, use the manual setup key shown on screen and enter it into the authenticator as a time-based account.

5. Verify and finish

  1. Note the 6-digit code shown in the app.
  2. Enter it in the verification field in PrivateDocs AI.
  3. Confirm — you should see a success message when 2FA is active.
Save your setup key

Store the manual setup key in a password manager or other offline backup. If you replace your phone and have no backup, recovery may require support and proof of account ownership.

Signing in with 2FA

  1. Go to the PrivateDocs AI sign-in page.
  2. Enter your email and password.
  3. After the password step, you are prompted for a 6-digit code.
  4. Open your authenticator app, select your PrivateDocs AI entry, and enter the current code.
  5. Submit — codes typically rotate about every 30 seconds.
Time matters

If your phone's clock is wrong, codes may be rejected. Use automatic date and time in system settings.

Managing your 2FA devices

View active enrollments

In DashboardSecurity Manage 2FA, you can see devices or factors that are registered. Each row usually shows a label, status, and when it was added.

Remove a device

  1. Open the same 2FA management screen.
  2. Choose Remove next to the factor you no longer trust or use.
  3. Confirm. If you remove every factor, 2FA is no longer required at sign-in.
Removing all factors

If you remove all 2FA devices, only your password protects the account. Only do this when you intend to disable 2FA or are replacing factors in a planned way.

Troubleshooting

"Invalid code"

  • Enable automatic time on your phone.
  • Enter the code before it expires.
  • Confirm you selected the correct account in the authenticator.

Lost phone

  • If you saved the setup key, enroll a new phone using that key.
  • If you have no backup, contact support with your account email.

QR code will not scan

  • Use the manual key instead.
  • Check camera permissions for the authenticator app.
  • Try another authenticator app if the problem persists.

Locked out

Best practices

  • Keep the OS and authenticator app updated.
  • Store setup keys only in trusted vaults — not in email or chat.
  • Before selling or recycling a phone, remove 2FA enrollments tied to it.
  • Do not share one-time codes with anyone; support will never ask for them.

Multiple devices

You can use the same setup key on more than one phone or app by scanning the same QR code or typing the same key when you enroll each device (if your workflow allows). That gives you backup access if one device is lost.

FAQ

Is 2FA required? Not always, but it is strongly recommended for accounts that protect sensitive document workflows.

SMS instead of an app? Today, use an authenticator app with time-based codes. SMS options may appear in a future release.

Can I turn 2FA off? Yes — remove registered factors from the 2FA management screen until none remain.

How long is each code valid? Typically about 30 seconds before a new code is shown.

Privacy note

During setup, your authenticator and PrivateDocs AI exchange a secret key. Treat backup codes and setup keys like passwords. Follow your organization's policy for where recovery material may be stored.

More context: Passwords · Help center