Cloudflare provides the ability for users to have 2FA (two factor authentication). 2FA provides an additional layer of security and must be enabled wherever possible to create a defence in depth security setting. An attacker would not be able to login to an account even if they had the password as the account would require a 2FA token to complete the login process.
A user whose 2FA is disabled could fall prey to a stolen credential attack and could lose access to their accounts to attackers if 2FA is not set up.
In this article we will take a look at how a user can enable 2FA in their Cloudflare account.
Following are the steps to enable 2FA for a Cloudflare account:
Login to your Cloudflare account
Navigate to My Profile at https://dash.cloudflare.com/profile
On the left side menu, click on Authentication
Click on Set up button in Two-Factor Authentication section
Cloudflare provides two options for setting up 2FA - Security Key Authentication and Mobile App Authentication. In this article we will set up Mobile App Authentication by clicking on Add button
Make sure to set up an authenticator app. Scan the QR code. If it is not possible to scan the code you can also set it up manually by using the code provided
Provide the code generated by the authenticator app. Provide your account password and click on Next
If this is the first time you are enabling 2FA then you will be taken through the recovery code set up. To do this set up, enter your password and click on Next button
Note: If you have generated recovery codes in the past, then the 2FA set up ends here, but also provides you an option to regenerate backup codes in case you want to do so.
Download, print, or copy your recovery codes and keep them in a safe place. Click on Next button
Once the recovery code set up is complete click on Next
Finally we can see that the 2FA has been set up for our Cloudflare account
