Two-step authentication is a tool that you can use to add another layer of security to your Klaviyo account. When you have two-step authentication enabled, you'll need to sign in using your username and password, and then verify your identity by entering a 6-digit code.
Two-step authentication is configured per user, not at an account level. This means that each user in an account must configure two-step authentication if you want to enable two-step authentication for an entire account. If you have multi-account access and one of your accounts has two-step authentication required, this will apply to all of the accounts you log into and not just the account that requires it, since the credentials are linked.
Enable Two-Step Authentication
To enable two-step authentication, navigate to Account > Contact Information > Personal. Two-step authentication is set up on a per-user basis, meaning your two-step authentication settings will only apply to your own login credentials and won't affect any other users in your account.
Click Enable Two-Step Authentication.
To successfully enable two-step authentication, you must download an authenticator app on your mobile device. We recommend Google Authenticator or Authy. Once you install the app, open it and scan the barcode displayed in your account.
Your authenticator app will generate a 6-digit code. Type this code into the text input and click Submit.
Next, you will see a set of backup authentication codes that you can use in the event that you can't access your mobile device when logging into Klaviyo. There is a fixed limit of 5 on the number of backup codes Klaviyo will supply, and each code is single-use. Save these codes somewhere safe so that you can access them if needed. You will not be able to return to these codes once you close the modal.
Going forward, you will need to provide your password and the code generated by your authenticator app in order to log into your Klaviyo account.
Klaviyo only provides a limited number of backup codes, which are single-use. We recommend that you only use these codes as a last resort if you cannot locate your mobile device. If you use two-step authentication and use all of your backup codes, you will need to contact support to regain access to your account.
Similarly, if you purchase a new device and have lost your backup codes — thus unable to access your account, contact support in order to regain access and enable two-step authentication for your new phone instead.
Disable Two-Step Authentication
If you have two-step authentication enabled and would like to disable it, you will need to contact support. This is to protect the security of your account.
Require Two-Step Authentication for All Account Users
If you are the Owner or Admin of a Klaviyo account, you have the ability to require two-step authentication for all users on your account. Navigate to Account > Settings > Users and check the box to Require two-step authentication for all users.
Existing users will be required to enable two-step authentication on their next login. New users will be required to enable two-step authentication when creating their user login.
If you decide to no longer require two-step authentication for all users, you can uncheck the setting at any time. Any users that already have two-step authentication enabled will remain in that state. Users will still have the option to enable two-step authentication for their individual user account.