Two-Factor Authentication (2FA)
Two-factor authentication adds an extra layer of security by requiring a verification code from your phone in addition to your password.
Why 2FA is Required
CoralLedger Comply handles sensitive financial data including VAT returns, transaction records, and business information. 2FA is mandatory for all users to protect this data.
Setting Up 2FA
First-Time Setup
When you first log in, you'll be prompted to set up 2FA:
- Download an authenticator app on your phone
- Scan the QR code displayed on screen
- Enter the 6-digit verification code from your app
- Save your backup codes in a secure location
Supported Authenticator Apps
- Google Authenticator (Android / iOS)
- Microsoft Authenticator (Android / iOS)
- Authy (Android / iOS / Desktop)
- 1Password (Android / iOS / Desktop)
Any TOTP-compatible authenticator app will work.
Logging In with 2FA
- Enter your email and password as usual
- When prompted, open your authenticator app
- Enter the current 6-digit code
- Click Verify
tip
Codes refresh every 30 seconds. If your code is about to expire, wait for the next one.
Backup Codes
During 2FA setup, you receive a set of one-time backup codes. These are for emergency access if you lose your phone.
Important:
- Each backup code can only be used once
- Store them securely (password manager, printed copy in a safe)
- If you run out of backup codes, contact support
Managing 2FA
Resetting 2FA
If you need to switch authenticator apps:
- Go to Settings > Account
- Find the Security section
- Follow the prompts to reset and reconfigure 2FA
Lost Access
If you've lost both your phone and backup codes:
- Contact support@coralledger.com
- You'll need to verify your identity
- An administrator can reset your 2FA