Back to Dashboard

Documentation

Learn how to use Asyntai

Getting Started
Installation Knowledge Base Test Your AI Manage Websites
Customization
Widget Colors AI Assistant Name Initial Message Widget Position Auto-Trigger Greeting Bubble Unread Badge Instruction Mode Ask Questions Use Emoji Collect Emails Collect Phone Numbers Smart Lead Capture Localization Hide Branding Privacy Link Custom Notice Transcript Download New Conversation Conversation History Tagline & Status Dot Speech to Text Chat Icon Company Logo Character Limit Temperature
AI Instructions Tips Compare Plans
Features
Website Crawl Knowledge Gaps Product Cards Dynamic Product Cards Dynamic Images User Context Live Monitoring Human Takeover Escalation AI Notifications Daily Report Real-Time Data Feed Real-Time Data Feed Max Team Members Single Sign-On Two-Factor Authentication Include Images Image Vision Translation Widget Localization Leads Smart Lead Capture Support Tickets Bookings Embeds Exclude Pages Blocked IPs Smarter Model Enable Thinking Reply Suggestions Follow-up Messages Speech to Text Transcript Download Embedded Chat
Analytics
Chat Analytics Chat Logs
Integrations
REST API Instagram Messenger WhatsApp Discord Zapier Email Mobile Apps
Other
Add to Home Screen Custom Open Button Payment Failed?
Ask AI

Two-Factor Authentication (2FA)

Add an extra layer of security to your account with a 6-digit code from your phone

Set Up 2FA

Overview

Two-factor authentication (2FA) adds a second step to your login. Even if someone learns your password, they can't get into your account without the 6-digit code generated by your authenticator app.

Asyntai uses TOTP (time-based one-time passwords) — the same standard used by Google, AWS, GitHub, and most major services. Codes refresh every 30 seconds and are generated entirely on your phone, with nothing sent over the internet.

How It Works

  1. You enable 2FA — Scan a QR code with your authenticator app to enroll
  2. Save backup codes — One-time codes for recovery if you lose your phone
  3. Sign in as usual — Enter your email and password
  4. Enter the 6-digit code — From your authenticator app, on every new sign-in
Sign-in flow
Email + password
6-digit code from app
Signed in to Asyntai

Supported Authenticator Apps

Any app that supports TOTP (the open standard) will work. Popular options:

Google Authenticator
Authy
1Password
Bitwarden
Microsoft Authenticator
Any TOTP app

Setting Up 2FA

Enrolling takes about a minute. You'll need an authenticator app installed on your phone.

1
Open the 2FA setup page In your account settings, click More and select Two-Factor Authentication.
2
Click Enable 2FA A QR code and a backup secret will appear.
3
Scan with your authenticator app Open your authenticator app, tap the + button, and scan the QR code. The app will start generating 6-digit codes that change every 30 seconds.
4
Enter the 6-digit code Type the current code from your app into the input field and click Confirm and enable 2FA.
5
Save your backup codes 10 single-use backup codes will be shown once. Store them in a password manager or print and keep them somewhere safe.

Tip: If your QR code won't scan, you can copy the secret displayed below it and paste it manually into your authenticator app.

Backup Codes

Backup codes are your safety net. Each code can be used once in place of the 6-digit authenticator code — useful if you're without your phone, lost it, or got a new one.

  • 10 codes are generated when you first enable 2FA
  • Each code works once and is consumed when used
  • Store them securely — treat them like passwords. A password manager is ideal.
  • Regenerate any time — Visit the 2FA setup page and click Regenerate backup codes. Old codes are invalidated.

Important: Backup codes are shown only once. If you lose them and your phone, you'll need to contact support to regain access.

Signing In with 2FA

Once 2FA is enabled, every sign-in works the same way:

1
Enter email and password Standard sign-in at asyntai.com.
2
Enter the 6-digit code Open your authenticator app and type the current code (or paste a backup code if needed).
3
You're in Verified for the entire session. You won't be re-prompted until you sign out or the session expires.

Note about Google sign-in: If you sign in with Google, 2FA is still enforced — Asyntai will show the code-entry page after Google authentication completes.

Lost Your Phone?

Recovery options, in order of ease:

Situation What to do
Got a new phone If your authenticator app supports cloud backup (Authy, 1Password, Microsoft Authenticator), restore from backup. Codes will start working again.
No app, but have backup codes Sign in with a backup code instead of the 6-digit code. Then go to the 2FA setup page, disable 2FA, and re-enroll on your new phone.
Lost everything Contact support — we can disable 2FA on your account after verifying your identity, then you can re-enroll.

Disabling 2FA

You can turn 2FA off any time. For security, you'll need to be 2FA-verified in the current session before the disable button works:

  1. Go to /2fa-setup/
  2. Click Disable 2FA
  3. Confirm — your TOTP device and backup codes are deleted, and login goes back to password-only

Why a stolen password can't disable 2FA: The disable button is gated by 2FA verification. Even if someone has your password, they can't reach the disable button without your authenticator code or a backup code.

What 2FA Protects You From

Threat Protection
Password leaks Even if your password ends up in a data breach, attackers can't sign in without your phone.
Phishing A phishing site that captures your password still doesn't have your 6-digit code. Codes expire in 30 seconds.
Brute force TOTP codes are time-limited and rate-limited at the device level — guessing is mathematically impractical.
Reused passwords If you used your Asyntai password elsewhere and that other site got hacked, 2FA still keeps your Asyntai account safe.

Limitations

  • WordPress, Shopify, and Moodle plugin popups can't show the 2FA challenge inside their small popup window. If you enable 2FA, you'll need to sign in to asyntai.com first to complete 2FA, then connect your site from the plugin.
  • 2FA is per-account — each user enables it independently. Team members can each enroll their own 2FA.
  • SMS / phone-call codes are not supported. Authenticator-app TOTP only — it's stronger and not vulnerable to SIM swapping.

Available on every plan. Two-factor authentication is included free with all Asyntai accounts.