Overview

Two-Factor Authentication (2FA) adds an extra layer of protection to your monday.com account by requiring both your password and a second form of verification when logging in. This feature is essential for keeping your workspace secure and preventing unauthorized access—even if your password is compromised.

This guide walks you through enabling and using 2FA in monday.com.

---

✅ What is Two-Factor Authentication?

Two-Factor Authentication (2FA) combines:

1. Something you know (your password)
2. Something you have (a time-sensitive verification code)

When enabled, 2FA requires you to enter a code from your authenticator app (like Google Authenticator or Authy) after entering your password.

---

🔧 How to Enable 2FA in monday.com

🔒 Note: Only users on Pro and Enterprise plans can enforce 2FA organization-wide. However, any individual user can enable 2FA on their own account.

Step-by-Step Setup (Individual Users)

1. Click your profile picture (bottom-left corner)
2. Go to My Profile → Security
3. Find the Two-Factor Authentication section
4. Click Enable Two-Factor Authentication
5. Follow the on-screen instructions:
   • Scan the QR code using an authenticator app (e.g., Google Authenticator)
   • Enter the 6-digit code from the app
6. Click Verify and Enable

📝 You’ll be prompted to save a set of recovery codes. Store these in a safe place—they’re your backup if you lose your device.

---

🛡 Enforcing 2FA as an Admin (Enterprise Plan Only)

If you’re an admin on an Enterprise plan, you can enforce 2FA across your organization:

1. Click your profile picture → Admin
2. Go to the Security tab
3. Toggle Require 2FA for all users
4. Notify users to set up 2FA the next time they log in

🧠 You can monitor which users have enabled 2FA in the Users tab.

---

🔁 Logging In with 2FA

Once 2FA is enabled:

1. Go to monday.com and log in with your email and password
2. You’ll be prompted to enter a 6-digit code from your authenticator app
3. Enter the code to complete login

✅ Check the “Remember this device” option to reduce future prompts (valid for 30 days).

---

🧩 Supported Authenticator Apps

You can use any TOTP-based authenticator app, such as:

• Google Authenticator
• Microsoft Authenticator
• Authy
• 1Password (with 2FA feature)
• LastPass Authenticator

📲 Choose an app that allows backup and sync across devices for convenience.

---

🔁 What If I Lose My Device?

If you’ve lost access to your authenticator app:

1. Use one of your recovery codes to log in
2. Go to My Profile > Security to disable or reset 2FA
3. If you don’t have your recovery codes, contact your workspace admin or monday.com support for assistance

🔑 Recovery codes are critical. Keep them stored securely offline.

---

👨‍💼 Admin Tips for 2FA Security

Action	Why It’s Important
Enforce 2FA org-wide (Enterprise)	Standardizes account security
Train users on setting up 2FA	Reduces support tickets
Monitor 2FA adoption	Track who has and hasn’t enabled it
Require backup codes storage	Ensures account recovery options

📚 FAQs

Can I use SMS for 2FA?
No. monday.com only supports app-based 2FA (e.g., Google Authenticator).

Can guests use 2FA?
Yes. Any user with a monday.com account can enable 2FA.

Is 2FA required by default?
Not by default. Admins must enforce it from the Admin > Security panel on Enterprise plans.

Does enabling 2FA affect mobile login?
Yes. You’ll be prompted to enter your 2FA code when logging in via the mobile app as well.