How to Enable Two-Factor Authentication on MyKinsta

MyKinsta supports two-factor authentication (2FA) using authenticator apps. Enabling 2FA adds a second layer of security to your account, so even if your login credentials are compromised, access still requires a time-based one-time code from your phone or password manager. All Kinsta user roles can enable 2FA independently from their own User Settings.

Before You Start

You will need an authenticator app installed on your phone or desktop before beginning. Recommended options include:

  • Google Authenticator (Android/iOS): free, widely used, straightforward setup
  • Authy (Android/iOS/desktop): supports multi-device sync and encrypted backups, which helps if you lose your phone
  • 1Password, Bitwarden, or Dashlane: if you already use a password manager with built-in 2FA support

Kinsta uses app-based 2FA rather than SMS-based 2FA. Authenticator apps are more secure because they are not vulnerable to SIM-swapping attacks and work even without a mobile signal.

How to Enable 2FA on MyKinsta

Step 1 - Log In to MyKinsta

Log in to your MyKinsta dashboard using your email address and password.

Step 2 - Open User Settings

Click on your account avatar in the bottom-left corner of the MyKinsta dashboard. Select User Settings from the menu that appears.

[Image: MyKinsta user settings menu]

Step 3 - Enable Two-Factor Authentication

Scroll down the User Settings page to the Two-Factor Authentication section. Click Enable Two-Factor Authentication. A QR code will appear on screen.

Step 4 - Scan the QR Code

Open your authenticator app and scan the QR code displayed in MyKinsta. If your app supports manual entry, you can use the setup key shown below the QR code instead. Once scanned, the app will begin generating 6-digit one-time codes that refresh every 30 seconds.

Step 5 - Enter the Verification Code

Enter the current 6-digit code from your authenticator app into the confirmation field in MyKinsta and click Verify. MyKinsta will confirm that 2FA is now active on your account. You will be prompted for a code each time you log in from a new device or browser.

Adding MyKinsta 2FA to 1Password

If you already use 1Password, you can store your MyKinsta one-time codes alongside your login. Take a screenshot of the QR code displayed in MyKinsta and save it to your desktop. In 1Password, open your MyKinsta login entry, click Edit, add a One-Time Password field, then click the QR code icon and drag the screenshot into the scanner. Save the entry. 1Password will now generate your MyKinsta one-time codes automatically when you fill your login credentials.

If the QR code is not recognised, take a fresh screenshot and ensure there is adequate whitespace around the code before trying again.

What to Do If You Lose Access to Your Authenticator

If you lose your phone or delete your authenticator app without saving a backup, contact Kinsta support directly. They will verify your identity and disable 2FA on your account so you can log in and set it up again with a new device.

To avoid this situation, use Authy (which supports encrypted cloud backups) or save your 2FA setup key in a secure location when you first enable it. This key allows you to reconfigure your authenticator on any device.

Switching Your Authenticator to a New Phone

Switching phones is the most common reason 2FA stops working on MyKinsta. The safest approach is to transfer accounts before wiping the old device:

  • Authy: enable multi-device sync in Authy settings on the old phone, install Authy on the new phone, and approve the new device from the old one. Your MyKinsta entry transfers automatically.
  • Google Authenticator: use the built-in account transfer feature (tap the menu icon, then choose Transfer accounts and Export accounts) to generate a QR code, then scan it from the new phone.
  • 1Password or Bitwarden: log in to your vault on the new device. One-time password entries sync automatically with the rest of your vault.

If you have already switched devices and no longer have access to the old authenticator, go to MyKinsta User Settings, disable 2FA using a backup code or by contacting Kinsta support to verify your identity, then re-enable it from scratch on the new device by scanning a fresh QR code.

How to Disable 2FA on MyKinsta

To turn off two-factor authentication, go to User Settings and scroll to the Two-Factor Authentication section. Click Disable Two-Factor Authentication. MyKinsta will ask you to enter a one-time code from your authenticator app to confirm you still have access before completing the change.

If you no longer have access to your authenticator (lost phone, deleted app, or wiped device), you cannot disable 2FA yourself. Contact Kinsta support through the MyKinsta chat. They will verify your identity and disable 2FA so you can set it up again with a new device.

How to Enforce 2FA Across Your Kinsta Team

Kinsta company owners can require all users on the account to have 2FA active. Go to Company Settings > Security and enable the 2FA enforcement option. Once enabled, any team member who logs in without 2FA is prompted to configure it before they can access the dashboard.

This is worth enabling for any agency or team where multiple people share MyKinsta access. A single compromised account without 2FA can result in site changes, DNS edits, or billing issues that are difficult to reverse quickly.

Two-Factor Authentication and MyKinsta User Roles

In MyKinsta, each user manages their own 2FA settings independently, regardless of their role (Company Owner, Admin, Developer, or Billing). A Developer-role user must enable 2FA on their own account separately from the Company Owner. If 2FA enforcement is turned on at the company level, all roles are required to comply before they can access the dashboard. This means there is no role that is exempt from the requirement once enforcement is enabled.

Final Word: How to Enable Two-Factor Authentication on MyKinsta

Enabling 2FA on MyKinsta takes under two minutes and significantly reduces the risk of unauthorised account access. Use an authenticator app such as Google Authenticator, Authy, or your password manager for the most secure setup. Save your setup key when you first enable it so you can recover access if you change devices. For troubleshooting site errors after securing your account, you can also enable WordPress debug mode in MyKinsta from the Tools tab. You can also manage your MyKinsta notifications to control which alerts and emails your account sends. For an overview of everything Kinsta includes across plans, see our Kinsta hosting guide. For user roles, billing, and domain management inside MyKinsta, see the Kinsta account and domain management guide.

FAQs
MyKinsta works with any TOTP-compatible authenticator app, including Google Authenticator, Authy, Microsoft Authenticator, and password managers with built-in 2FA support such as 1Password, Bitwarden, and Dashlane. Kinsta recommends app-based 2FA over SMS-based methods because authenticator apps are not vulnerable to SIM-swapping attacks.
Kinsta does not currently offer company-wide enforcement of 2FA at the account level. Each user must enable 2FA individually from their own User Settings in the MyKinsta dashboard. For team accounts, it is good practice to make 2FA setup part of your onboarding process when adding new team members.
If you lose access to your authenticator app, contact Kinsta support directly. They will verify your identity and remove 2FA from your account so you can log in and set it up again. To avoid being locked out, use an app like Authy that supports encrypted cloud backups, or save your 2FA setup key somewhere secure when you first enable it.
MyKinsta currently supports TOTP-based 2FA through authenticator apps only. Hardware security keys (YubiKey, Google Titan) and passkeys are not supported at this time. For the most secure TOTP setup, use an app with encrypted backup such as Authy, or store the TOTP setup key in a password manager like 1Password or Bitwarden.
The safest method is to transfer before wiping the old device. Authy supports multi-device sync: enable it on the old phone, install Authy on the new one, and approve from the old device. Google Authenticator has a built-in account transfer feature under its menu. 1Password and Bitwarden sync automatically across devices when you log in on the new phone. If you have already switched and cannot access the old authenticator, go to MyKinsta User Settings and disable 2FA using a backup code, or contact Kinsta support to verify your identity and remove the old 2FA so you can set it up fresh.
Some of the links on this blog are sponsored links