Setting up Two Factor Authentication (2FA)

This guide walks you through setting it up. It takes about two minutes.

You will need a smartphone with an authenticator app installed. Any of these work well, and they are all free:

- Google Authenticator

- Microsoft Authenticator

- Authy

Install one from the App Store (iPhone) or Google Play (Android) before you begin.

💡 Tip: An authenticator app creates a new 6-digit code every 30 seconds. You will use it whenever you sign in from a new device.

1. Go to My profile from the menu under your name in the top right.

2. Open the Password / 2FA tab.

3. Under Two-Factor Authentication (2FA), click the green Enable 2FA button.

The Password / 2FA tab on your Profile Account page.

1. Open the authenticator app on your phone.

2. Choose the option to add a new account, then scan the QR code shown on screen.

3. If you cannot scan it, choose manual entry in your app and type in the key shown under Can't scan the QR code?

4. Your app will now show a 6-digit code for Joy Pilot. Enter that code in the **Step 2: Verify Your Code** box, then click Verify & Enable.

Scan the QR code with your authenticator app, then enter the 6-digit code to confirm.

Once your code is accepted, Joy Pilot shows a set of recovery codes.

⚠️ Important: Save these recovery codes somewhere safe before you continue. Each one can be used once to sign in if you ever lose access to your phone. You will not be shown them again.

1. Click Copy Codes or Download to keep a copy. A password manager or a secure note is ideal.

2. When you have saved them, click Done.

Your one-time recovery codes. Keep them somewhere safe and private.

Your account now shows 2FA is Enabled. That is everything you need to do.

From here you can also:

- Regenerate Recovery Codes if you think your saved codes are no longer safe. This replaces your old codes with a fresh set.

- Disable 2FA if you need to turn it off. You will be asked for your password to confirm.

Your account is now protected with two-factor authentication.

The next time you sign in from a device we do not recognise, you will be asked for a verification code after your password.

1. Open your authenticator app and read the current 6-digit code for Joy Pilot.

2. Type it into the Verification code box, then click Verify.

You can tick Remember this device for 30 days on your own computer, so you are not asked for a code every time. Please leave this unticked on shared or public computers.

The verification screen you will see when signing in from a new device.

💡 Tip: If your code is rejected, check that the date and time on your phone are set to update automatically. Authenticator codes rely on your phone's clock being correct.

If you have a new phone, or cannot reach your authenticator app, you have two options:

1. On the verification screen, click Use a recovery code instead and enter one of the recovery codes you saved earlier.

2. If you do not have your recovery codes, contact your accountant or the Joy Pilot support team. We can reset two-factor authentication for you. You will receive an email to confirm, and you can then set it up again on your new phone by following this guide from the start.

Two-factor authentication is one of the simplest ways to protect your financial information. Once it is set up it works quietly in the background, and only asks for a code when it needs to. We recommend leaving it switched on.