Security
Two-Factor Authentication (2FA)
Two-factor authentication adds a second layer of security to your account. After enabling it, logging in requires both your password and a one-time code from an authenticator app.
Enabling 2FA
- Go to Settings → Security → Two-Factor Authentication.
- Click Set Up 2FA.
- Scan the QR code with an authenticator app (Google Authenticator, Authy, 1Password, etc.).
- Enter the 6-digit code shown in the app to confirm it's working.
- Save your backup codes — these are one-time codes you can use if you lose access to your authenticator app. Store them somewhere safe.
Disabling 2FA
Go to Settings → Security → Two-Factor Authentication and click Disable 2FA. You'll need to enter your password and a valid 2FA code to confirm.
Backup Codes
Backup codes are generated when you enable 2FA. Each code can only be used once. If you run out or lose them, disable and re-enable 2FA to generate new ones.
WARNING
If you lose access to both your authenticator app and your backup codes, you will be locked out of your account permanently. Keep your backup codes in a safe place.
Active Sessions
Fluffwire keeps track of where you're logged in. Go to Settings → Security → Sessions to see all active sessions.
Each session shows:
- The device / browser
- Last seen time
You can revoke any individual session to log it out remotely, or use Revoke All Other Sessions to sign out everywhere except your current session.
Changing Your Password
Go to Settings → Account → Change Password. You'll need to enter your current password before setting a new one.
If 2FA is enabled, no additional step is needed for a password change — but your 2FA codes will continue to be required on future logins.