การยืนยันตัวตนสองขั้นตอน (2FA)

เพิ่มชั้นความปลอดภัยพิเศษให้กับบัญชีของคุณด้วยรหัส 6 หลักจากโทรศัพท์

ภาพรวม

การยืนยันตัวตนสองขั้นตอน (2FA) เพิ่มขั้นตอนที่สองในการเข้าสู่ระบบของคุณ แม้มีคนเรียนรู้รหัสผ่านของคุณ พวกเขาก็ไม่สามารถเข้าสู่บัญชีของคุณได้โดยไม่มีรหัส 6 หลักที่สร้างโดยแอปยืนยันตัวตนของคุณ

Asyntai uses TOTP (time-based one-time passwords) — the same standard used by Google, AWS, GitHub, and most major services. Codes refresh every 30 seconds and are generated entirely on your phone, with nothing sent over the internet.

วิธีการทำงาน

You enable 2FA — Scan a QR code with your authenticator app to enroll
Save backup codes — One-time codes for recovery if you lose your phone
Sign in as usual — Enter your email and password
Enter the 6-digit code — From your authenticator app, on every new sign-in

ขั้นตอนการเข้าสู่ระบบ

อีเมล + รหัสผ่าน

รหัส 6 หลักจากแอป

เข้าสู่ระบบ Asyntai แล้ว

แอปยืนยันตัวตนที่รองรับ

แอปใดๆ ที่รองรับ TOTP (มาตรฐานเปิด) จะใช้งานได้ ตัวเลือกยอดนิยม:

Google Authenticator

Authy

1Password

Bitwarden

Microsoft Authenticator

แอป TOTP ใดก็ได้

การตั้งค่า 2FA

Enrolling takes about a minute. You'll need an authenticator app installed on your phone.

Open the 2FA setup page In your account settings, click More and select Two-Factor Authentication.

Click Enable 2FA A QR code and a backup secret will appear.

Scan with your authenticator app Open your authenticator app, tap the + button, and scan the QR code. The app will start generating 6-digit codes that change every 30 seconds.

Enter the 6-digit code Type the current code from your app into the input field and click Confirm and enable 2FA.

Save your backup codes 10 single-use backup codes will be shown once. Store them in a password manager or print and keep them somewhere safe.

เคล็ดลับ: If your QR code won't scan, you can copy the secret displayed below it and paste it manually into your authenticator app.

รหัสสำรอง

Backup codes are your safety net. Each code can be used once in place of the 6-digit authenticator code — useful if you're without your phone, lost it, or got a new one.

10 codes are generated when you first enable 2FA
Each code works once and is consumed when used
Store them securely — treat them like passwords. A password manager is ideal.
Regenerate any time — Visit the 2FA setup page and click Regenerate backup codes. Old codes are invalidated.

สำคัญ: Backup codes are shown only once. If you lose them and your phone, you'll need to contact support to regain access.

การเข้าสู่ระบบด้วย 2FA

Once 2FA is enabled, every sign-in works the same way:

Enter email and password Standard sign-in at asyntai.com.

Enter the 6-digit code Open your authenticator app and type the current code (or paste a backup code if needed).

You're in Verified for the entire session. You won't be re-prompted until you sign out or the session expires.

Note about Google sign-in: If you sign in with Google, 2FA is still enforced — Asyntai will show the code-entry page after Google authentication completes.

ทำโทรศัพท์หาย?

Recovery options, in order of ease:

Got a new phone If your authenticator app supports cloud backup (Authy, 1Password, Microsoft Authenticator), restore from backup. Codes will start working again.

No app, but have backup codes Sign in with a backup code instead of the 6-digit code. Then go to the 2FA setup page, disable 2FA, and re-enroll on your new phone.

Lost everything Contact support — we can disable 2FA on your account after verifying your identity, then you can re-enroll.

การปิดใช้งาน 2FA

You can turn 2FA off any time. For security, you'll need to be 2FA-verified in the current session before the disable button works:

Go to /2fa-setup/
Click Disable 2FA
Confirm — your TOTP device and backup codes are deleted, and login goes back to password-only

Why a stolen password can't disable 2FA: The disable button is gated by 2FA verification. Even if someone has your password, they can't reach the disable button without your authenticator code or a backup code.

2FA ปกป้องคุณจากอะไร

Password leaks Even if your password ends up in a data breach, attackers can't sign in without your phone.

Phishing A phishing site that captures your password still doesn't have your 6-digit code. Codes expire in 30 seconds.

Brute force TOTP codes are time-limited and rate-limited at the device level — guessing is mathematically impractical.

Reused passwords If you used your Asyntai password elsewhere and that other site got hacked, 2FA still keeps your Asyntai account safe.

ข้อจำกัด

WordPress, Shopify, and Moodle plugin popups can't show the 2FA challenge inside their small popup window. If you enable 2FA, you'll need to sign in to asyntai.com first to complete 2FA, then connect your site from the plugin.
2FA is per-account — each user enables it independently. Team members can each enroll their own 2FA.
SMS / phone-call codes are not supported. Authenticator-app TOTP only — it's stronger and not vulnerable to SIM swapping.

พร้อมใช้งานในทุกแผน การยืนยันตัวตนสองขั้นตอนรวมอยู่ในบัญชี Asyntai ทุกบัญชีโดยไม่มีค่าใช้จ่าย

เอกสาร