Articles on: Legal & Security

How to enable Two Factor Authentication (2FA)

Learn how to enable Two-Factor Authentication for your Crisp account and enforce it for your workspace.


Two-Factor Authentication adds a second verification step when signing in to Crisp. It is optional by default, but strongly recommended for every operator because it helps protect your workspace even if a password is compromised.


This guide uses Google Authenticator as an example, but other apps that generate time-based one-time passwords can also be used.



What Two-Factor Authentication does


Two-Factor Authentication, also called 2FA or MFA, requires more than a password to access an account. In Crisp, the second factor is usually a 6-digit code generated by an authenticator app and rotated every 30 seconds.


Common compatible authenticator options include:

  • Google Authenticator → mobile authenticator app from Google
  • Microsoft Authenticator → mobile authenticator app from Microsoft
  • YubiKey → hardware-backed authentication option
  • 1Password → password manager with one-time password support
  • LastPass → password manager with one-time password support


Crisp can also send 2FA requests by SMS, but SMS requests are heavily rate limited for security reasons.



Enable Two-Factor Authentication on your account


There are two ways 2FA can be enabled for an operator account.


When your workspace enforces 2FA


If your company enforces 2FA, Crisp can ask you to scan a QR code during signup or login. Follow the on-screen instructions to register your authenticator app before accessing the workspace.


When you enable 2FA manually


To enable 2FA yourself, open Crisp, then go to Settings → Account → Account Information and click Enable Two Factor Authentication.


You may need to add your mobile phone number to your Crisp account first.



Set up your authenticator app


Download your authenticator app, then scan the QR code shown by Crisp. The app will start generating 6-digit codes you can use when logging in.


Scan the Crisp 2FA QR code


Basic setup flow:

  • Download an authenticator app such as Google Authenticator
  • Click Scan a QR code in the app
  • Scan the QR code shown by Crisp
  • Confirm the setup by entering the generated code when requested



Log in with Two-Factor Authentication


Once 2FA is enabled, Crisp asks for a code each time you log in. Open your authenticator app and enter the current 6-digit code before it rotates.


2FA code generated by Google Authenticator



Change your 2FA app


If your workspace requires 2FA and you need to switch authenticator apps, temporarily remove the workspace enforcement before replacing your app.


Recommended order:

  • Turn off the workspace setting that forces operators to enable 2FA
  • Remove 2FA from your own account
  • Set up 2FA again with the new authenticator app
  • Turn the workspace enforcement setting back on


Make sure all required operators have working 2FA again before re-enabling enforcement.



Enforce Two-Factor Authentication for your workspace


Workspace owners can require all operators to use 2FA.


Before enforcing it, make sure every current operator already has 2FA enabled. Operators with 2FA enabled show a green padlock icon next to their email.


Operators with 2FA enabled in Crisp


Open Crisp, then go to Settings → Workspace Settings → Operators in the Team and enable Force Operators to have their Two Factor Authentication Enabled.


Force operators to enable 2FA setting



Regain access if you are locked out


If you cannot log in because 2FA is enabled, first try the alternative SMS method when available. If you cannot receive the SMS, Crisp support will need to verify your identity.


To request help recovering access:

  • Contact Crisp support from your registered email address
  • Send a photo of your ID showing your first and last name when requested by the support agent
  • Wait for identity verification before 2FA is disabled or a password reset is sent


Once your identity is confirmed, the support team may disable 2FA on your account and send a password reset email so you can regain access.



Frequently Asked Questions


Still have questions which were not covered in this article? Here is a collection of the most frequently asked questions on this topic.


Is 2FA required for every Crisp account?


No, 2FA is optional by default. A workspace owner can enforce it for all operators from the workspace team settings.


Even when it is not enforced, enabling 2FA is strongly recommended.


Can Crisp support disable 2FA if I am locked out?


Yes, but only after identity verification. Contact support from your registered email address and follow the verification steps requested by the support agent.


Updated on: 03/05/2026

Was this article helpful?

Share your feedback

Cancel

Thank you!