Setting Up Two-Factor Authentication¶
Add an extra layer of security to your account with two-factor authentication (2FA).
What is Two-Factor Authentication?¶
Two-factor authentication (also called 2FA or MFA) requires two forms of identification to log in: 1. Something you know: Your password 2. Something you have: A code from your phone
This makes your account much more secure, even if someone discovers your password.
Why Use Two-Factor Authentication?¶
Security benefits: - Protects your account from unauthorized access - Prevents someone from logging in with just your password - Safeguards your club's data and member information - Recommended especially for club officers
Peace of mind: - Know that your account is protected - Reduce risk of account compromise - Industry-standard security practice
Before You Begin¶
You'll need: - A smartphone (iPhone or Android) - An authenticator app installed: - Google Authenticator (iOS or Android) - Microsoft Authenticator (iOS or Android) - Authy (iOS or Android) - Any TOTP-compatible authenticator app
Note: The Club Schedule uses TOTP (Time-based One-Time Password), which works with any standard authenticator app. We do NOT support SMS-based 2FA for security reasons.
Setting Up Two-Factor Authentication¶
Step 1: Access Security Settings¶
- Log in to The Club Schedule
- Click your name in the top-right corner
- Select Profile or Account Settings
- Click on the Security tab
- Find the "Two-Factor Authentication" section
Step 2: Enable Two-Factor Authentication¶
- Click Enable Two-Factor Authentication
- You'll see a QR code on your screen
- Keep this page open - you'll need it in the next step
Step 3: Scan the QR Code¶
- Open your authenticator app on your phone
- Tap the + or Add button
- Choose Scan QR Code
- Point your phone's camera at the QR code on your screen
- The app will automatically add The Club Schedule
Can't scan the code? - Look for "Enter code manually" option in your app - Enter the text code shown below the QR code - Set the account name to "The Club Schedule"
[Screenshot: Authenticator app showing scanned account]
Step 4: Enter Your First Code¶
- Look at your authenticator app
- You'll see a 6-digit code for "The Club Schedule"
- Enter this code in the verification field on your computer
- Click Verify and Enable
Important: The code changes every 30 seconds. If it doesn't work, wait for a new code and try again.
[Screenshot: Verification code entry field]
Step 5: Save Your Backup Codes¶
After enabling 2FA, you'll see backup codes:
- Copy these codes and save them somewhere safe
- These codes let you log in if you lose your phone
- Each code works only once
- Store them securely:
- Password manager (recommended)
- Secure note on another device
- Printed and stored in a safe place
Do NOT: - Leave them on your computer screen - Store them in an unencrypted file - Share them with anyone
[Screenshot: Backup codes display]
Logging In with Two-Factor Authentication¶
Once 2FA is enabled, your login process changes:
The New Login Process¶
- Go to The Club Schedule login page
- Enter your email and password as usual
- Click Log In
- You'll see a new screen asking for your authentication code
- Open your authenticator app
- Enter the 6-digit code shown
- Click Verify
- You're logged in
[Screenshot: Two-factor authentication code entry page]
The Code Keeps Changing¶
- Codes are valid for 30 seconds
- A new code appears every 30 seconds
- If a code doesn't work, wait for the next one
- The countdown timer in your app shows time remaining
"Remember This Device" Option¶
When logging in, you may see: - Checkbox: "Trust this device for 30 days" - If checked, you won't need a code on this device for 30 days - Only use this on personal devices you trust - Don't use on shared or public computers
[Screenshot: Remember device checkbox]
Managing Two-Factor Authentication¶
Viewing Your 2FA Status¶
To check if 2FA is enabled: 1. Go to Profile > Security 2. Look for the "Two-Factor Authentication" section 3. Status shows "Enabled" or "Disabled"
Generating New Backup Codes¶
If you've used your backup codes: 1. Go to Profile > Security 2. Find "Two-Factor Authentication" section 3. Click Generate New Backup Codes 4. Your old backup codes become invalid 5. Save the new codes securely
Disabling Two-Factor Authentication¶
To turn off 2FA: 1. Go to Profile > Security 2. Find "Two-Factor Authentication" section 3. Click Disable Two-Factor Authentication 4. Enter your password to confirm 5. 2FA is now disabled
Note: We recommend keeping 2FA enabled for security, especially if you're a club officer.
Troubleshooting¶
I Lost My Phone / Authenticator App¶
If you have backup codes: 1. Go to the login page 2. Enter your email and password 3. On the 2FA code screen, click Use a backup code 4. Enter one of your backup codes 5. Once logged in, go to Security settings 6. Disable 2FA 7. Re-enable 2FA with your new phone 8. Save the new backup codes
If you don't have backup codes: - Contact The Club Schedule support at support@theclubschedule.com - Provide proof of identity - We'll help you regain access to your account - This process may take 24-48 hours for security verification
The Code Isn't Working¶
Common solutions:
- Check the time on your phone
- TOTP requires accurate time
- Go to phone settings
-
Enable "Set time automatically"
-
Wait for a new code
- Codes expire every 30 seconds
- Let the current code expire
-
Use the next code that appears
-
Make sure you're looking at the right account
- Check it says "The Club Schedule" in your app
-
You might have multiple accounts in your authenticator
-
Try re-entering
- Type the code carefully
- Don't include spaces
- Use only the 6 digits shown
I'm Getting a New Phone¶
Before switching phones:
Option 1: Transfer your authenticator app - Most authenticator apps support cloud backup - Follow your app's transfer instructions - Your 2FA will work on the new phone automatically
Option 2: Set up 2FA on the new phone 1. Log in to The Club Schedule on your computer 2. Go to Profile > Security 3. Disable 2FA (you'll need an old code or backup code) 4. Re-enable 2FA 5. Scan the new QR code with your new phone 6. Save the new backup codes
I Deleted The Club Schedule from My Authenticator App¶
- Go to Profile > Security
- Disable two-factor authentication
- Re-enable it
- Scan the new QR code
- Save new backup codes
Best Practices¶
Security¶
- Keep backup codes secure - Store in a password manager or safe place
- Don't share codes - Never give your 2FA codes to anyone
- Use unique passwords - Combine 2FA with a strong, unique password
- Update your phone number - Keep contact info current in case of account recovery
Device Management¶
- Don't trust public computers - Never select "Remember this device" on shared computers
- Secure your phone - Use a passcode/biometric lock on your phone
- Update regularly - Keep your authenticator app updated
- Multiple devices - Consider setting up 2FA on multiple devices for redundancy
Backup Planning¶
- Save backup codes immediately - Don't skip this step
- Test a backup code - Verify one works before you need it (it will be consumed)
- Generate new codes periodically - Refresh your backup codes every few months
- Store securely - Use a password manager or encrypted storage
For Club Officers¶
If you're a club officer, we strongly recommend enabling 2FA because: - You have access to member data - You control club schedules and settings - You manage billing and subscription - Your account security affects the entire club
Officer security checklist: - Enable two-factor authentication - Use a strong, unique password - Save backup codes securely - Don't share login credentials - Log out on shared computers - Review security settings quarterly
Tips¶
- Set up during low-stress time - Don't wait until you have urgent club business
- Test it immediately - Log out and back in to ensure it works
- Save backup codes - This is the most important step
- Keep authenticator app updated - Updates often include security improvements
- Consider multiple backup options - Use both digital and physical backup code storage