Two-Factor Authentication (2FA)

Two-factor authentication (2FA) is a  step toward better security. It goes beyond using only a regular password when you log in — that's single-factor authentication. We built our own secure 2FA login protection that works for every version of Basecamp.

Enable two-factor authentication

Enable two-factor authentication to secure your account by heading to your avatar, clicking on  My Profile.

From your profile, click the link that says Change your login info here

On the next page, click  Set up 2FA and follow the on-screen prompts. Be sure to save your recovery codes somewhere safe! You'll need those codes to access the account if you ever lose the ability to log in with your authenticator app. 

Follow the steps after you click that button, and you should be up and running with 2FA in no time.


Use a security key for two-factor authentication

After you enable 2FA for your account using an authenticator app, you can also add a security key and use it as a 2FA method. A security key is a hardware device such as a small USB or Bluetooth key, a fingerprint reader or Windows Hello. They provide stronger protection against phishing attacks than 6-digit codes and are very easy to use. 

Second-factor authentication with a security key is secondary to using a 6-digit or recovery code to authenticate, so if you lose your hardware key, you can still use your authenticator app to access your account. To add your security, after you have setup 2FA, you'll find a Security keys link in the Security section on your login options page:

After clicking that link, click on Add a security key, and after ensuring your hardware key is connected to your computer, click on I'm ready, let's go

Finally, set a nickname for your key so you can remember it if you have more than one.

And that's it. After this, you can add more keys, list your existing keys and edit their nicknames or delete them by going to the Security keys section again.

After you've added a security key, we'll offer you this method as a second-factor when you're using a compatible browser (all modern browsers are compatible). If you don't have your security key, you can always switch to entering a 6-digit code from your authenticator app or a recovery code.


Trouble with two-factor authentication

If you are having trouble with two-factor authentication because you lost your phone or no longer have access to your authenticator app, use one of the recovery codes you saved during setup:

If you don't have a recovery code but you're logged into a different browser session, you can get your recovery codes and update or disable your two-factor authentication settings.

  1. Click your avatar and select  My Profile
  2. Then click on the link at the bottom that says Change your login info here.
  3. Click View recovery codes to obtain a single-use code or on Change 2FA settings... where you'll be able to configure another authenticator app or disable 2FA completely.

If you aren't logged in anywhere else and can't change your 2FA settings, you may need to contact us at support@basecamp.com. We'd have to prove your identity beyond any reasonable doubt. 

This may entail copies of government papers, like passports or driver's license, as well as utility bills, or other address verifications. It's a slow process that may take several days, and it'll be cumbersome. All this is by design. The point of 2FA is to protect your account in depth and against dedicated attacks. We will prioritize the security of your account over the ease of access recovery.