2FA is required for all Orvoxa admin accounts and highly recommended for customer accounts.
TOTP (Google Authenticator, 1Password, Authy)
- Portal → Account → Security → Two-factor authentication.
- Scan the QR code with your authenticator app.
- Enter the 6-digit code to confirm.
- Save the recovery codes somewhere safe — they are the only way in if you lose your device.
Passkey / Webauthn
Prefer hardware? Add a passkey from the same settings page. Works with YubiKey, Touch ID, Windows Hello, and any FIDO2 security key.
SMS fallback
We support SMS 2FA but it is weaker than TOTP or passkey. Use only if you cannot run an authenticator app.