How do I disable 2FA?

You can disable 2FA anytime — but that's rarely a good idea. Your account becomes significantly less secure.

How to do it

1. Open Settings (/dashboard/settings)
2. Find the "Two-factor authentication" section
3. Click "Disable 2FA"
4. A confirmation dialog appears
5. Enter your current 2FA code (or password)
6. Click "Confirm"
7. 2FA is disabled — you get a confirmation email

When does disabling make sense?

✅ Good reasons

• New phone — you re-enable 2FA on the new device
• Switching apps (e.g. Google Authenticator → Authy) — disable and re-enable
• Temporary tests on a dev account

❌ Bad reasons

• "It's annoying to log in" — get a password manager with 2FA auto-fill
• "I don't need it" — you need 2FA until you get hacked, then too late
• "No time" — 3 seconds per login isn't much

What happens after?

• Login only needs email + password (no more 2FA code)
• Your account is less secure
• You get an email notification (security notice)
• The setting is immediately effective

Admin accounts

Important: LACOP requires 2FA for admin accounts. If you're admin and disable 2FA:

• You see a warning banner in the dashboard
• You can't use admin API routes anymore
• You're reminded repeatedly to re-enable 2FA

Switch 2FA method

If you just want to switch methods (e.g. Google Authenticator to Authy):

1. Disable 2FA
2. Immediately re-enable it with the other app
3. Test the new code
4. Delete the old secret in the old app

That way you have no security window without 2FA.

Lost phone and no backup codes?

If you can't log in because your 2FA is gone:

1. Authy users: install app on new phone, restore account
2. Other apps: without backup codes you need our support
3. Write to support@lacop.app with:
   • Your login email
   • Your slug (portfolio name)
   • Approximate time of last login
   • Proof you own the account

We verify manually and disable 2FA on request — takes 1-2 business days.

Questions? support@lacop.app