Skip to main content

Two-Factor Authentication

Enable two-factor authentication for users who can create API keys, manage domains, export data, or change account security settings.

Operational guidance:

Require 2FA for administrators.
Remove access for users who no longer need it.
Rotate API keys after suspicious account activity.
Keep recovery procedures documented.