Set up two-factor authentication

For an added layer of security, turn on two-factor authentication (2FA) for your Slack account. If your password is compromised or stolen, you’ll have peace of mind knowing that only you can sign in.

How 2FA works:

  • You’ll need access to your mobile phone when you sign in to Slack.
  • You'll enter a verification code and your password each time you sign in.
  • You can choose to send your verification code by text message (SMS) or from an authentication app, but owners can require an authentication app if they like.
  • On paid subscriptions, owners and admins must use 2FA when signing in to Slack, even if they haven't enabled mandatory 2FA. For workspaces or orgs with SSO enabled, only owners and admins who are able to sign in via email and password and bypass SSO are required to set up 2FA.

Tip: Looking for password info? Learn how to manage and reset yours.


Turn on 2FA

Authentication app

SMS text message

Step 1: Download and install an authentication app

Before you can set up 2FA on your account, you’ll need to download and install an authentication app on your device. Slack 2FA can be used with most Time-Based, One-Time Password (TOTP) applications. Here are a few options to get you started:

Note: Slack doesn't support Universal 2nd Factor (U2F) yet.


Step 2: Turn on 2FA in Slack

  1. Sign in to the appropriate workspace, and visit your Account page at my.slack.com/account/settings.
  2. Next to Two-factor authentication, click Expand. Then, click Set up two-factor authentication.
  3. Enter your password and click on Use an app to retrieve authentication codes from the authentication app on your device.
  4. Add a new account. In most apps, you can do this by tapping the + icon.
  5. Scan the QR code by using your device's camera. If you prefer, you can choose to enter the code by hand.
  6. On Slack's 2FA configuration page, enter the six-digit verification code that your authentication app generates.
  7. To finish, press Verify code.

When you sign in to Slack, just open your authentication app and enter a code along with your password.

Note: Owners can prevent members from using SMS as their 2FA method. If you don’t have the option to use SMS for 2FA, use an authentication app instead.

  1. Sign in to the appropriate workspace, and visit your Account page at my.slack.com/account/settings.
  2. Next to Two-factor authentication, click Expand. Then, click Set up two-factor authentication.
  3. Enter your password and click on SMS text message to receive authentication codes by text message.
  4. Select your country from the menu. If your country isn't listed, choose Other.
  5. Enter your mobile phone number, including your area and/or zone code.
  6. Next, we'll send a six-digit verification code to your device. Enter the code on the Slack 2FA configuration page.
  7. To finish, select Verify code.

Every time you sign in to your workspace, you'll be sent a text message with your single-use authentication code.

Note: standard message rates apply. Check with your mobile service provider for information on fees for receiving SMS/text messages.


Use 2FA with multiple workspaces

If you're a member of more than one Slack workspace, you’ll need to set up 2FA for each account separately.

Copy and paste https://your-url.slack.com/account/settings (don't forget to add your workspace's domain) to enable 2FA for all your accounts.


Troubleshoot 2FA 

Backup codes

If you lose your phone or you've deleted your authentication app, you can use one of your backup codes to sign in. Use any code to sign in, but keep in mind that each code can only be used once. Your backup codes were provided at the time that you set up 2FA, but you can always find them on your Account page.

Tip: Make a copy of your codes, and save them someplace safe. 🔑

Locked out?

If you’ve got a new phone or don't have access to your backup codes, you can ask a workspace owner or admin to manually disable 2FA for your account. If you're a workspace owner and you can't sign in, you'll need to contact the workspace primary owner to help.

Please give these instructions to a workspace owner or admin to help you to disable 2FA on your account:

  1. Click your workspace name in the sidebar.
  2. Hover over Tools & settings, then click Manage members.
  3. Click on the  three dots icon to the right of the member that you want to manage.
  4. Click on Disable two-factor authentication.
Who can use this feature?

Related articles

Recently viewed articles