Two-factor authentication (2FA) adds an extra layer of security to your Xendit account, making it significantly harder for unauthorized users to gain access. This article provides a step-by-step guide on how to enable and manage 2FA for your Xendit account.
Why enable 2FA?
It is strongly recommended to enable 2FA on your Xendit account
2FA helps protect your account by requiring two forms of authentication:
Something you know: Your Xendit account password.
Something you have: A unique, time-sensitive code generated by an authenticator app on your mobile device.
Supported 2FA methods
Xendit currently supports 2FA via sms or via authenticator apps that utilize the Time-based One-Time Password (TOTP) algorithm. Popular authenticator apps include:
Google Authenticator
Authy
Microsoft Authenticator
How to set up 2FA
Log in to your Xendit account
Go to Settings > Your Profile > 2-factor Authentication > Setup 2FA
Scan the QR code with your authenticator app (Google Authenticator, Authy, and Microsoft Authenticator are all supported)
Enter the 6-digit code from your authenticator app
Save your recovery codes (keep these in a safe place, separate from your phone—you'll need them if you lose your device)
Important Notes:
Keep your recovery codes safe: Treat them like your password and store them securely offline.
Multiple Devices: You can set up 2FA on multiple devices for redundancy.
Disable 2FA: You can disable 2FA in your security settings if you no longer wish to use it. However, this is not recommended.
Troubleshooting
Code not working? Ensure the time on your mobile device is synced correctly. TOTP codes are time-sensitive.
Lost your device? Use your recovery codes to regain access to your account and set up 2FA on a new device.
Need further assistance? Contact Xendit support for help with 2FA setup or troubleshooting.
By enabling 2FA, you significantly strengthen the security of your Xendit account and protect your funds. We strongly encourage all users to activate this feature.