Enable two-factor authentication (2FA)

December 3, 2024

What you’ll need:

  • Access to your registered email address
  • Kommo desktop version (two-step verification can only be enabled or disabled on desktop)
  • Admins only: You must enable two-step verification on your own profile before enforcing it for all users

Keep in mind:

  • Every login requires your password and a 6-digit email code
  • If you lose access to your email, you’ll need backup codes to log in
  • Backup codes are shown once only — if lost, you must disable and re-enable two-step verification to generate new ones

Two-step verification protects your account with an email-based verification step. Even if someone knows your password, they won’t be able to log in without access to your email.

Enable two-step verification

Use this option to secure your own account.

  1. Go to Settings → Profile settings.
  2. Scroll to the Security section and turn on Two-step verification.

  1. Click Send code. Enter the 6-digit code sent to your email and click Confirm.

Save your backup codes

After activation:

  • Copy the backup codes and store them somewhere safe
  • Each code can be used once
  • These codes are your only way to log in if you lose email access

Note: You’ll only see backup codes during setup. If you lose them, you’ll need to disable and re-enable two-step verification.

Once setup is complete:

  • Two-step verification appears as Active in your profile
  • You’ll receive a confirmation email
  • You’ll be logged out of all devices except the current one

From now on, every login — including social login and mobile — requires a two-step verification code.

Note: After enabling two-step verification, you’ll need to enter your current password to make any changes to it. Admins can also view which users have two-step verification enabled in the Users management.

Disable two-step verification

Turn off two-step verification if you no longer want the extra verification step.

  1. Go to Settings → Profile settings.
  2. Scroll to Security and turn off Two-step verification.

  1. Click Send code, enter the email code, and click Confirm.

After disabling:

  • You’ll receive a confirmation email
  • Existing backup codes become invalid
  • Logins will no longer require two-step verification

Require two-step verification for all users (Admins only)

Use mandatory two-step verification to enforce stronger security across your workspace.

  1. Go to Settings → Workspace settings. Scroll to Mandatory two-step verification.

  1. Turn on the Mandatory two-step verification toggle.

  1. Complete the following steps:
  1. Choose a compliance period (1–10 days).
  2. Enter the verification code sent to your email.

Once enabled:

  • Users see a notice that two-step verification is required
  • After the deadline, users must enable two-step verification at their next login

Turn off mandatory two-step verification (Admins only)

Remove the requirement for users to enable two-step verification.

  1. Go to Settings → Workspace settings. Scroll to Mandatory two-step verification.

  1. Turn of the Mandatory two-step verification toggle.

  1. Enter the verification code sent to your email.

After disabling, users without two-step verification can log in normally.

After 2FA is successfully disabled, you will no longer be prompted to complete the 2FA step during login.

If you need more help with setup or troubleshooting, feel free to reach out to our support chat or contact us via WhatsApp. You can also hire a Kommo partner to do all the hard work for you.

Not a user yet? Sign up for our 14-day free trial or book a free live demo.

Try Kommo free

Discover how Kommo can transform your client management now