This article covers how to enable two-factor authentication (2FA) using an authenticator app and how to set up a new authenticator app if you lost access to your original authenticator app. Before you can enable 2FA for your profile and set up an authenticator app, an Administrator in your account must enable sign in with 2FA.

For more general information about two-factor authentication in Harvest see:

• Enable two-factor authentication (2FA) in Harvest
• Enable and disable two-factor authentication in your profile
• Two-factor authentication FAQ

What is an authenticator app?

An authenticator app is an app on your phone, or a feature within some password managers, that regularly generates new verification codes that serve as the second "factor" in two-factor authentication.

We don’t have any specific recommendations, but there are several authenticator apps available, including Google Authenticator, Microsoft Authenticator, Authy, 1Password, and Duo (just to name a few). Note that you can also choose to receive authentication codes by email—you don’t need to use an authenticator app.

Enable 2FA using an authenticator app the first time you sign in with 2FA

When signing in with 2FA you have the option to use an authenticator app or receive a password via email. To start signing in using an authenticator app as soon as 2FA is enabled in your account: 

1. Sign in to Harvest at https://id.getharvest.com.
2. Scan the QR image with your preferred authenticator app.
3. View the code in your authenticator app and enter that code in the designated field.
4. After you’ve entered your code, click Complete set up.
   

You’ll see a confirmation message at the top of Harvest ID letting you know two-factor authentication has been enabled. You’ll now be able to access your account again.

Enable 2FA using an authenticator app after previously choosing to receive a code by email

If you've previously opted to receive a 2FA code via email but you'd now like to set up an authenticator app, you can take these steps:

1. After you've signed in, head to https://id.getharvest.com/. 
2. Click on the Security tab. 
3. Click the Review two-factor authentication button. 
4. Scan the QR image with your preferred authenticator app. 

You'll now be able to use the code in your authenticator app when signing in to Harvest using 2FA. 

Sign in to Harvest when access to an authenticator app is lost

If you've lost access to your authenticator app for any reason, you can choose to send a code to your email instead.

Once you're signed in, go to Harvest ID > Security > Review two-factor authentication and click the Generate new configuration button. This will do two things:

• Stop 2FA codes from being sent to any authenticator apps previously set up
• Allow you to set up a new authenticator app to use going forward