Search

Activate and manage two-factor authentication

Activate or deactivate two-factor authentication (2FA) for your account or require it for your Workspace. 

You can enable 2FA via SMS text or an authenticator app (TOTP). Admins can send a temporary login link to users locked out of their accounts. 

What you'll need

  • Individual members and guests can enable 2FA on their accounts on any ClickUp plan.

  • Requiring 2FA for everyone in a Workspace is available on our Business Plan and above.

  • 2FA using an authenticator app is available on any ClickUp plan.

  • 2FA via SMS is available on our Business Plan and above.

2FA via SMS may not be available in all regions.

Activate 2FA for your account

If 2FA is not required for your entire Workspace, you can enable it for your account. 

To enable 2FA for your account using SMS or an Authenticator App:

  1. From the upper-right corner click your account avatar, then select Settings
  2. From the Two-factor authentication section, select Text Message SMS or Authenticator App (TOTP) as your authentication type.

Use text message (SMS)

To use text message: 

  1. Click the toggle to enable SMS.
  2. Enter your ClickUp password and click Confirm Password.
  3. Enter your phone number and click Send Code.
    Screenshot of the modal where you enter your phone number, click Send Code, enter the verification code texted to your phone, and click Set up.
  4. Enter the code sent to your device into the Verification code field.
  5. Click Set up
  6. Each time you log in to your account, you'll be prompted to enter the authentication code sent to your phone.
    Screenshot of the modal that displays each time you log into your account, which prompts you to enter the authentication code texted to your phone.

 

To use an Authenticator app (TOTP)

We recommend using one of the following:

To install an authenticator app on your phone:

  1. Click the toggle to enable TOTP.
  2. Enter your ClickUp password and click Confirm Password.
  3. You'll be prompted to install an authenticator app on your phone, open your authenticator app, or switch to SMS if you don't have a smartphone. 
  4. Open the authenticator app on your phone.
  5. In ClickUp, click Yes, ready to scan.

    Screenshot of the prompt to install an authenticator app on your phone, open your authenticator app, or switch to SMS if you don't have a smartphone.

  6. Scan the QR code using your authenticator app.
  7. Enter the code from your app into the Enter your verification code field. 
    Screenshot of the QR code modal where you can scan a QR code using your authenticator app.
  8. Click Set up.
  9. Each time you log in to your account, you'll be prompted to enter the authentication code sent to your phone. 

Deactivate 2FA for your account

When 2FA is required, members and guests in that Workspace can't deactivate 2FA from their account settings. 

To deactivate 2FA:

  1. Click the toggle to deactivate SMS or TOTP.
  2. Enter your ClickUp password and click Confirm Password.
  3. Click Yes, disable.

Require 2FA for an entire Workspace

Workspace owners or admins can require 2FA for everyone with access to their Workspace.

  1. From the upper-left corner click your Workspace avatar, then select Settings.

  2. Select Security & Permissions.

  3. To require 2FA, from the Security section choose one of the following settings:

    • Require 2FA: All members and guests will be able to log in three times before 2FA is required.
      After three logins, anyone who doesn't have 2FA set up will be required to enable it using SMS to access the Workspace. 

    • Immediately require 2FA via SMS: All members and guests will be required to immediately set up and log in with 2FA.
      Anyone who doesn't have 2FA set up will be required to enable it using SMS to access the Workspace. 

See who has 2FA enabled

Workspace owners and admins can see the people in their Workspace who have 2FA enabled.

  1. In the upper-left corner, click your Workspace avatar, then select Manage users.

  2. Select People.

  3. In the Security column, the two-factor authentication icon displays for people who have enabled 2FA.
    Screenshot of ClickUp's People settings showing who has 2FA turned on and who does not.

Email a temporary login link

This feature is currently in limited release. It will gradually be released to all Workspaces. 

Admins can send a secure, temporary login link via email to users locked out of their accounts. 

To send a temporary link:

  1. In the upper-left corner, click your Workspace avatar. 
  2. Select Manage users.
  3. On the Manage people page, scroll down to the user. 
  4. On the right side of the user's row, hover over the ellipsis... menu.
  5. Select Email secure login link.
    Screenshot showing the ellipsis menu and highlighting the Email secure login link selection.
  6. A message displays confirming that you want to send the link. Click Confirm
  7. The user gets an email with the link.
    • Links expire in 24 hours. 
    • If it expires, the user will need to contact an admin for a new link. 
    • The user will need to update their password and 2FA details. 

Was this article helpful?