How do I switch from email 2FA to authenticator-app 2FA?
Moving from email 2FA to authenticator-app 2FA on Valid Email Checker is a five-minute job inside Account Settings, Security tab. The two methods live as independent toggles in user_2fa_settings, so the cleanest procedure is to enable the new method first while the old one is still active, verify it works end to end, and only then disable the old one. That way your account is never briefly unprotected, and you do not lock yourself out if something goes sideways during setup.
The step-by-step
- Sign in normally with your password and an email 2FA code (last time you will need it).
- Open Account Settings → Security and scroll to Two-Factor Authentication.
- In the Google Authenticator card, click Enable. A modal opens with a QR code and a manual setup key underneath.
- Install an authenticator app on your phone if you do not have one — Google Authenticator, Authy, 1Password, Bitwarden, Microsoft Authenticator all work because the QR code is standard TOTP. Scan the QR or type the setup key.
- Enter the current 6-digit code from the app into the confirmation field. On success, the card flips to Enabled and 10 backup codes are displayed. Save them in a password manager or print them — they are shown exactly once.
- At this point both methods are active. Test the new one by signing out and signing back in: when the 2FA prompt appears, enter the authenticator code (you can also click Use Email Instead to confirm both methods still work).
- Once you have proven the authenticator path end to end, return to Account Settings → Security, click Disable on the Email Authentication card, type DISABLE (case-sensitive), and confirm.
Why the overlap matters
If you disable email 2FA first and then hit a snag during authenticator setup (lost phone, wrong app, expired session in the middle of the flow), you end up with a window where the account has no 2FA on at all. Anyone with your password could sign in unchallenged during that window. Keeping both enabled until the new method is verified is a 30-second insurance policy.
After the switch
- Sign-in prompts now ask for a TOTP code from your authenticator instead of waiting for an email.
- Step-up prompts on sensitive actions use the same TOTP code.
- Email 2FA can be re-enabled later as a secondary fallback if you change your mind — see "Can I have both methods on?".
