Loading the new Help Center

How to enable two-factor authentication

Available for:
Free
Premium
Business

You want to feel safe and secure in everything you do in life, particularly when it comes to your personal data. That’s why we’ve implemented several security measures to make your Todoist account as safe as possible.

Read on to learn more!

How to set up two-factor authentication

Two-factor authentication (also referred to as 2FA) adds an extra layer of security to your account by requiring you to use an authentication app when logging into your account.

In order to use 2FA on your account, you’ll need to install the setting first. Here’s how:

Please make sure that your Todoist is version 2552 or higher.
  1. If you don’t already have an authentication app (such as Authy or Google Authenticator) on your mobile device, make sure to install one now.
  2. Log in to Todoist in a browser.
  3. Click your avatar in the top-right corner.
  4. Click Settings.
  5. Select Account in the left-hand menu.
  6. Click Enable two-factor authentication.
  7. Scan or copy the secret code you see to your authentication app.
  8. Your authentication app will give you a verification code, which you should enter in Todoist now. You will now see the words Verification successful.
  9. Click Continue in the bottom-right corner.
  10. Scroll down to Save your recovery codes and click Copy all codes.
    • It’s very important that you save these codes in a secure place. If you ever get logged out of your account, you may need them to get back in.
  11. Click Continue in the bottom-right corner.
Please make sure that your Todoist app is version 22.10.9 or higher.
  1. If you don’t already have an authentication app (such as Authy or Google Authenticator) on your mobile device, make sure to install one now.
  2. In your Todoist app, tap the gear icon in the top-right corner.
  3. Select Account.
  4. Tap Enable 2FA.
  5. Copy the secret code you see to your authentication app.
  6. Your authentication app will give you a verification code, which you should enter in Todoist now.
  7. Tap Done in the top-right corner.
  8. You will now see the words Verification successful.
  9. Scroll down to Save your recovery codes and tap Copy all codes.
    • It’s very important that you save these codes in a secure place. If you ever get logged out of your account, you may need them to get back in.
  10. Tap Done in the top-right corner.
Please make sure that your Todoist app is version 10540 or higher. If you're using our Wear OS app, make sure it's minimum version 10497 or higher.
  1. If you don’t already have an authentication app (such as Authy or Google Authenticator) on your mobile device, make sure to install one now.
  2. In your Todoist app, swipe up the bottom app bar to open the menu.
  3. Tap the gear icon in the top-right corner.
  4. Select Account.
  5. Tap Enable 2FA.
  6. Copy the secret code you see to your authentication app.
  7. Your authentication app will give you a verification code, which you should enter in Todoist now.
  8. You will now see the words Verification successful.
  9. Scroll down to Save your recovery codes and tap Copy all codes.
    • It’s very important that you save these codes in a secure place. If you ever get logged out of your account, you may need them to get back in.
  10. Tap Done in the top-right corner.

2FA will now be enabled on your account. If you wish to disable 2FA, have a look at the instructions in the next section of this article.

How to enable or disable 2FA

Still not sure what two-factor authentication (2FA) is? Click here to learn more.
  1. Log in to Todoist in a browser.
  2. Click your avatar in the top-right corner.
  3. Click Settings.
  4. Select Account in the left-hand menu.
  5. Scroll down to Two-factor authentication and toggle the setting On or Off.
  6. If you’re disabling 2FA, you’ll now be asked to enter a one-time passcode. This passcode is a six digit code generated by your authentication app. You can also use a recovery code to disable 2FA.
Please make sure that your Todoist app is version 22.10.9 or higher.
  1. Tap the gear icon in the top-right corner of Todoist.
  2. Select Account.
  3. Use the toggle under Two-factor authentication to either enable or disable 2FA.
  4. If you’re disabling 2FA, you’ll now be asked to enter a one-time passcode. A one-time passcode is a six digit code generated by your authentication app. You can also use a recovery code to disable 2FA.
Please make sure that your Todoist app is version 10540 or higher. If you're using our Wear OS app, make sure it's minimum version 10497 or higher.
  1. In your Todoist app, swipe up the bottom app bar to open the menu.
  2. Tap the gear icon in the top-right corner.
  3. Select Account.
  4. Use the toggle to the right of Two-factor authentication to either enable or disable 2FA.
  5. If you’re disabling 2FA, you’ll now be asked to enter a one-time passcode. A one-time passcode is a six digit code generated by your authentication app. You can also use a recovery code to disable 2FA.

What is a one-time passcode?

A one-time passcode is a six digit code generated by your authentication app. If you’ve enabled 2FA on your account, you’ll be prompted to use a one-time passcode for a variety of actions such as:

  • Logging in to your Todoist account.
  • Disabling 2FA.
  • Changing your email address in your Todoist account.
  • Downloading a backup of your account.
  • Deleting your Todoist account.

What is a recovery code?

Your recovery codes are unique to your account and can be used to gain access to your Todoist account if you’re no longer able to generate a one-time passcode (for example, if your mobile device breaks and you’re no longer able to log in to your authentication app).

How to copy or generate new recovery codes

  1. Click your avatar in the top-right corner.
  2. Click Settings.
  3. Select Account in the left-hand menu.
  4. Scroll down to Two-factor authentication and click See your recovery codes.
  5. (Optional) If you want to replace your current codes, click Generate new codes.
  6. Click Copy all codes.
  1. Tap the gear icon in the top-right corner of Todoist.
  2. Select Settings.
  3. Select Recovery Codes.
  4. (Optional) If you want to replace your current codes, tap Generate new codes.
  5. Tap Copy all codes.
  1. In your Todoist app, swipe up the bottom app bar to open the menu.
  2. Tap the gear icon in the top-right corner.
  3. Select Account.
  4. Select Recovery Codes.
  5. (Optional) If you want to replace your current codes, tap Generate new codes.
  6. Tap Copy all codes.

How to use a recovery code

  1. Start the login process like you normally would.
  2. When you get to the step where you get asked for an authentication code, select Go here to recover your account.
  3. Enter one of your active recovery codes.

FAQ

I can't see two-factor authentication options in my account. What should I do?

Make sure you have no pending updates for Todoist. If you still can't see any two-factor authentication options in your account, please try logging out of Todoist and back in again.

What authentication apps do you support?

We support the majority of popular authentication apps, such as Google Authenticator and Microsoft Authenticator.

I don't have access to my authentication app or my recovery codes. What should I do?

Please use our contact form to get in touch with our Customer Experience team.

I still haven't verified my account. How do I do that?

This article will tell you how to verify your account.

Does Todoist 2FA support physical security keys?

At the moment, we only support authentication apps, but we hope to support security keys in the future.