Two-Factor Authentication

BlackCloak offers an opt-in, Two-factor Authentication (2FA) feature within the BlackCloak mobile application as an additional security measure.

Overview:

• App-only: Does not apply to desktop 

• Optional: This is an opt-in feature 

• Double protection: If 2FA is enabled, an authenticator app is required even if using Google Sign-in

• Multi-identity support: 2FA must be enabled for each sign-in method (eg. password/google sign in)

• Secure Authenticator Apps only - TOTP (Time-Based One-Time Password) Apps (e.g., Google Auth, Authy, 1Password). No SMS.

How to Enable 2FA

1. Navigate to Your Profile > Sign in & Security.

2. Select Two-Factor Authentication (2FA).

3. Follow the on-screen prompts to link an Authenticator App (via Setup Code or QR Code).

4. Save Recovery Codes: You are advised to save recovery codes. These codes are the only way to regain access without requiring manual intervention from the BlackCloak team.

How to Disable 2FA

1. Navigate back to the 2FA settings in the Mobile App.

2. You must re-authenticate with your password or a 2FA code to disable the feature.

   Warning: Disabling 2FA will immediately log you out of all currently active devices for that specific identity.