Availability:

SMS authentication is not available for accounts during the trial period.

In this article, we will walk you through the steps to enable, pass, and disable 2FA on your PandaDoc account, ensuring your sensitive information remains safe.

The 2FA described in this article won't work for Google OAuth or SSO logins. You'll need to configure 2FA on the provider's side for these sign-in methods.

You’ll be unable to set up 2FA unless you verify your account email address.

Each user on the account should set up two-factor authentication for their user profile in their account settings.

Select your profile image at the lower left corner to access Settings and select Security. From here, select Turn on 2FA.

Enter your account password and select Continue.

Select 'Authenticator app' as the authentication method. This app generates a code for you to log in to your account.

Install or open Google Authenticator, Authy, or a similar third-party authenticator app on your mobile device.

Scan the QR code or manually enter the setup key into the authentication app.

Next, enter the six-digit code generated by your authenticator app. Select Turn on.

Don’t forget to copy the backup codes for logging in when the authenticator app isn't available and select Codes saved.

If you lose access to the device you use for the second factor, a backup code would be the only way to restore access to your account.

That’s it for the setup! Now each time you log in to your account you’ll need to enter a code from your authenticator app.

You’ll be unable to set up 2FA via SMS on a free eSign plan or during the trial period.

Select your profile image at the lower left corner to access Settings and select Security. From here, select Turn on 2FA.

Enter your account password and select Continue.

Select 'Text message (SMS)' as the authentication method.

Add a phone number and select Send code.

Enter the code you received via SMS and select Confirm to finish the setup.

Don’t forget to copy the backup codes for logging in when your phone isn't available and select Codes saved.

If you lose access to the device you use for the second factor, a backup code would be the only way to restore access to your account.

Now each time you log in to your account you’ll need to enter a code from a text message.

Enter your email and password at the login page and select Log in.

Next, enter the code from your authenticator app or SMS and select Verify.

No, 2FA can only be set up individually. Each user needs to enable it on their own.
The account owner can check who doesn't have 2FA enabled in the Admin panel by going to Settings > Billing, then selecting the burger menu at the top left > Users.

No, however, you can achieve this by utilizing Single Sign-On (SSO) and enforcing 2FA on the SSO side.

No, 2FA is not triggered when logging in through an external provider. To enable 2FA, you must configure it on the provider's side.

No, only the Authentication App and SMS are supported. If you require a physical key, consider configuring SSO with key support on the provider's side.