Two-Factor Authentication (2FA) #

Adding a TOTP second factor is the single most effective thing you can do to protect your Meldry account. It takes about a minute.

Enabling 2FA #

1. Open Settings → Security → Two-Factor Authentication.
2. Click Enable 2FA.
3. Scan the QR code with your authenticator app (Google Authenticator, Authy, 1Password, etc.).
4. Enter the 6-digit code from the app to confirm.
5. Save your recovery codes — store them somewhere safe (a password manager works well).

Signing in with 2FA #

After your handle and password, Meldry asks for the 6-digit TOTP code from your authenticator. The code rotates every 30 seconds.

Trusted devices #

You can mark a browser/device as trusted so it skips the TOTP prompt on subsequent sign-ins.

• A trusted device is identified by a hash of your user ID, user-agent and IP address.
• Trusted devices expire after a configured period.
• Revoke them all from Settings → Security → Trusted Devices → Revoke All.

Recovery codes #

Each recovery code can be used once as a substitute for a TOTP code.

• Save them when first displayed — they are shown only at generation time.
• Regenerate at Settings → Security → 2FA → Regenerate Recovery Codes. This invalidates all previous codes.
• If you lose both your authenticator and your recovery codes, contact support for account recovery.

Disabling 2FA #

You can disable 2FA from the same settings page. You'll be asked for a current TOTP code to confirm. We strongly recommend leaving 2FA on.