# Set up Two-Factor Authentication (2FA)

We strongly encourage you to enable 2FA. We offer two methods to protect your valuable assets and information:

* **Using an Authenticator App**
* **Using a Passkey**

And we support 2FA in the following situations:

* **Login**
* **Withdrawal**
* **When attempting to change personal information**

This ensures that your assets remain secure at all times.

<figure><img src="/files/AhEzOyaI97cFU4XzzRkB" alt=""><figcaption></figcaption></figure>

## 1. Authenticator App

* **How It Works**: You use an app (like Google Authenticator or Authy) to generate a time-based one-time password (TOTP) or a code. This code is used alongside your password to log in.
* **Features**:
  * **Dynamic Codes**: Generates a new code every 30 seconds, adding a time-based element to security.
  * **Offline Access**: Works without an internet connection once set up.
  * **Convenience**: Often integrated into mobile devices, making it easy to access codes.
  * **Secure**: Codes are generated locally on your device, reducing the risk of interception.

## 2. Passkey

* **How It Works**: Passkeys are cryptographic keys stored on your device and used for authentication. They provide a secure way to log in without entering a password.
* **Features**:
  * **Passwordless**: Eliminates the need for passwords, reducing the risk of password theft.
  * **Enhanced Security**: Uses strong cryptographic methods, making it more resistant to phishing and other attacks.
  * **Convenience**: Simplifies the login process by using biometric or device-based authentication (like Face ID or fingerprint recognition).
  * **Device-Specific**: Passkeys are typically stored and used on a specific device, adding an extra layer of security.

Each method offers a unique approach to enhancing security, with Authenticator apps relying on time-based codes and Passkeys leveraging cryptographic methods for a more seamless and secure login experience.

{% hint style="warning" %}
For your security, withdrawals are restricted for 12 hours after enabling a new Authenticator app or Passkey.
{% endhint %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://how.smashfi.me/my-profile/set-up-two-factor-authentication-2fa.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.