Two-step authentication is a tool that you can use to add another layer of security to your Klaviyo account. When you have two-step authentication enabled, you'll need to sign in using your username and password, and then verify your identity by entering a 6-digit code.
Two-step authentication is configured per user, not at an account level. This means that each user in an account must configure two-step authentication if you would like to enable two-step authentication for an entire account.
How to Enable Two-Step Authentication
To enable two-step authentication in your account, navigate to Account > Contact Information > Personal. Two-step authentication is set up on a per-user basis, meaning your two-step authentication settings will only apply to your own login credentials and won't affect any other users in your account.
Here, you will see the ability to enable two-step authentication by clicking Enable Two-Step Authentication.
To successfully enable two-step authentication, you must first download an authenticator app on your mobile device. We recommend Google Authenticator or Authy. Once you have installed the app, open it and scan the barcode displayed in your account.
Your authenticator app will generate a 6-digit code; type this code into the text input and click Submit.
Next, you will see a set of backup authentication codes that you can use in the event that you can't access your mobile device when logging into your Klaviyo account. There is a fixed limit of 5 on the number of backup codes Klaviyo will supply, and each code is single-use. Save these codes somewhere safe so that you will be able to access them in the event that you need them. You will not be able to return to these codes once you close the modal.
Going forward, you will need to provide your password and the code generated by your authenticator app in order to log into your Klaviyo account.
Klaviyo only provides a limited number of backup codes, which are single-use. We recommend that you only use these codes as a last resort if you cannot locate your mobile device. If you use two-step authentication and use all of your backup codes, you will need to contact support in order to regain access to your account.
Disable Two-Step Authentication
If you have two-step authentication and would like to disable it, you will need to contact support. This is to protect the security of your account.
Requiring Two-Step Authentication for All Account Users
If you are the owner or an admin of a Klaviyo account you have the ability to require two-step authentication for all of the users on your account. Navigate to Account > Settings > Users and check the box to "Require two-step authentication for all users".
Existing users will be required to enable two-step authentication on their next login. New users will be required to enable two-step authentication when creating their user.
If you decide to no longer require two-step authentication for all users you can uncheck the setting. Any users that already have two-step authentication enabled will remain in that state. Users will also still have the option to enable two-step authentication for their individual user account.