Enabling two-factor authentication

Two-factor authentication (2FA) protects your Buildra account with a second login factor — a six-digit code from an authenticator app. It is the single highest-leverage thing you can do for account security. Here is how to set it up.

Before you start

You need an authenticator app on your phone. Common ones:

• 1Password
• Google Authenticator
• Authy
• Microsoft Authenticator
• The built-in Apple Passwords app (iOS 17+)

Any TOTP-compatible app works. Pick one that backs up to the cloud — losing your phone with non-backed-up TOTP secrets is the #1 reason people get locked out.

Enabling for your account

1. Go to /settings/security.
2. Find the Two-factor authentication card and click Enable 2FA.
3. Buildra shows a QR code and a setup key.
4. Open your authenticator app and add a new account. Either scan the QR or paste the setup key.
5. The authenticator now shows a rotating 6-digit code.
6. Enter the current code in Buildra and click Verify and enable.
7. Buildra shows your recovery codes — 10 single-use backup codes. Save them somewhere safe (a password manager is ideal).

Critical: Recovery codes are your lifeline if you lose your phone. Without them, account recovery requires a manual identity verification with our support team, which takes 1-3 business days.

Logging in with 2FA

After enabling, each sign-in flow becomes:

1. Enter email and password.
2. Buildra prompts for the 6-digit code from your authenticator.
3. Enter the code. You are signed in.

Buildra remembers the device for 30 days. On the same browser, you only see the 2FA prompt once a month.

Forcing 2FA across your team

Owners can require 2FA for every user in the workspace. Go to /settings/security and toggle Require 2FA for all users. Existing users have 14 days to enroll; new invites must enroll before completing sign-up.

If you lose your phone

1. Go to the sign-in page. Enter email and password as usual.
2. On the 2FA prompt screen, click Use a recovery code instead.
3. Enter one of your 10 saved recovery codes.
4. You are signed in. Go directly to /settings/security and click Reset 2FA to set up a new authenticator.

If you lose both phone and recovery codes

Email support@buildra.appfrom a known email address on your account. We will perform a manual identity verification (typically a video call confirming identity-document match) and reset 2FA. Plan on 1–3 business days.

Disabling 2FA

Only do this if you are setting up a new authenticator. Go to /settings/security → click Disable 2FA. You will be asked for a current 6-digit code or a recovery code to confirm.

For workspaces with enforced 2FA, individual disable is not allowed; an Owner can disable enforcement workspace-wide first.