What is Two-Factor Authentication?

Two-factor authentication (2FA) adds a second step to your login process. After entering your password, you'll also need to provide a time-based code from an authenticator app on your phone. This means even if someone obtains your password, they can't access your account without your phone.

Borg Backup Server uses the TOTP (Time-based One-Time Password) standard, which is compatible with popular authenticator apps including:

Google Authenticator
Authy
1Password
Microsoft Authenticator
Any TOTP-compatible app

Enabling 2FA

Open Profile Settings

Click your username in the top-right corner of the navigation bar and select Profile. Scroll down to the Two-Factor Authentication section.

Screenshot coming soon

Scan the QR Code

Click Enable 2FA. A QR code will appear on screen. Open your authenticator app and scan this code. The app will begin generating 6-digit codes that refresh every 30 seconds.

Screenshot coming soon

Verify & Save Recovery Codes

Enter the 6-digit code from your authenticator app to confirm everything is working. Once verified, you'll be shown a set of recovery codes.

Important: Save your recovery codes in a secure location (password manager, printed copy in a safe). If you lose access to your authenticator app, these codes are the only way to regain access to your account.

Logging In with 2FA

After enabling 2FA, the login flow adds one extra step. Enter your username and password as usual, then you'll be prompted for your 6-digit authenticator code. Enter the current code from your app to complete the login.

Disabling 2FA

To disable two-factor authentication, go to Profile → Two-Factor Authentication and click Disable. You'll need to enter your current authenticator code to confirm.