Kualo / docs
On this page

Set up multi-factor authentication (MFA)

Add a second login step with an authenticator app to keep your MailMachine account secure.

2 min read Updated 10 Jun 2026

Multi-factor authentication (MFA) adds a second step to logging in: as well as your password, you enter a one-time code from an app on your phone. It's one of the most effective things you can do to keep your account safe, and in MailMachine each user can turn it on for themselves.

Enable MFA for a user

  1. Open Parameters, then click Users.
  2. Choose the user you want to protect.
  3. Scroll down to Security and click Enable to turn on 2-step verification.

Register an authenticator app

Open your authenticator app (such as Google Authenticator, Authy or 1Password) and scan the QR code shown on screen.

Scanning the MFA QR code with an authenticator app

Then enter the 6-digit code your app displays to confirm the setup.

Entering the 6-digit verification code to finish MFA setup

Save your backup codes

You'll be given 10 backup codes. If you ever lose access to your phone, each code lets you log in once. Store them somewhere safe and private - a password manager is ideal.

Without your phone and without your backup codes, you can be locked out of your account. Save the backup codes the moment you set up MFA, not later.

Each user decides for themselves

MFA is per-user, so everyone on the account can enable or disable it to suit how they work. We'd encourage every user to turn it on, especially anyone with administrator rights.

Troubleshooting

Can't scan the QR code - enable camera permissions, turn up your screen brightness, or use the manual-entry option to type the key by hand. A different authenticator app can also help.

The 6-digit code won't work - these codes expire every 30 seconds, so enter them promptly. Make sure your phone's clock is set to update automatically, since a drifting clock generates invalid codes.

Lost access to your authenticator app - use one of your 10 backup codes to get in, then set MFA up again on your new device.

Backup codes not working - each code works only once. Check you haven't already used it, and that you're entering it exactly.

Want to disable MFA - in the user's Security settings, click Disable next to 2-step verification and confirm with your password. Think carefully before removing it.

If you've lost both your device and your backup codes, open a support ticket so we can verify your identity and help you back in.

Was this helpful?
Your feedback helps us find gaps in the docs.
Related articles
Getting started
Getting started with MailMachine
Your roadmap from a new MailMachine account to your first campaign - brand, senders, conta...
Getting started
Add and manage users
Invite colleagues to share your MailMachine account, give each their own secure login, and...
Getting started
Configure your brand
Set the logo and colours that appear on your MailMachine confirmation pages so everything...
Getting started
Set your timezone
Set the timezone MailMachine uses to schedule your campaigns and automations.
Still need a hand?
Real people, around the clock - start a chat or open a ticket and we'll help you put it right.
Contact us Start a chat