Two-factor authentication (2FA)

Enable 2FA on your account and, for admins, enforce it for the team.

2026-07-05

Two-factor authentication (2FA) adds a temporary code on top of your password. Even if your password leaks, no one gets in without your phone. On Sanctumel it uses an authenticator app (Google Authenticator, Authy, 1Password...).

Enable 2FA on my account

  1. Open Settings > Security.
  2. In the Two-factor authentication card, scan the QR code with your app.
  3. Enter the 6-digit code to confirm.
  4. Keep the backup codes shown: they get you back in if you lose your phone.

Enforce it for the team (church admin)

A church administrator can require 2FA for sensitive roles (pastor, treasurer, finance):

  1. Settings > Security > Require 2FA for the team, turn on the switch.
  2. Affected members see a banner inviting them to enable it.
  3. A 7-day grace period gives them time; after that, they are redirected to the Security page until they enable it.

Good to know: no one is ever "locked out". The Security page stays reachable to enable 2FA, even after the deadline. The church administrator must keep 2FA on at all times.

Lost your phone

Use a backup code to sign in, then re-configure 2FA from Security. If you have no codes left, contact support.

Go further

Need help?
Quick answers and support in your language.
Help center