About two-factor authentication (2FA)
Two-factor authentication (2FA) adds an extra layer of security to your BeMatrx account. With 2FA enabled, you'll need both your password and a 6-digit code from your authenticator app to sign in.
Why 2FA matters
Even if your password is leaked or guessed, no one can sign in to your account without access to your authenticator device. 2FA is one of the strongest protections available against account takeover.
What you need
To use 2FA, install an authenticator app on your phone. Popular options include:
- Google Authenticator (iOS, Android)
- 1Password (cross-platform, paid)
- Authy (iOS, Android, desktop)
- Microsoft Authenticator (iOS, Android)
- Any other TOTP-compatible authenticator
Enabling 2FA
To turn on two-factor authentication:
- Open the BeMatrx app and tap the Profile tab.
- Tap the Settings icon (gear).
- Go to Account & Security.
- Tap Two-Factor Authentication.
- Tap Enable 2FA.
- Scan the displayed QR code with your authenticator app, or copy the setup key manually.
- Enter the 6-digit code from your authenticator to confirm setup.
- 2FA is now active on your account.
Signing in with 2FA
Once 2FA is enabled, every sign-in requires two steps:
- Enter your email and password as usual.
- Open your authenticator app and enter the current 6-digit code for BeMatrx.
The code refreshes every 30 seconds. If a code expires before you enter it, simply use the next one.
Disabling 2FA
For security reasons, we recommend keeping 2FA enabled. If you need to disable it:
- Go to Settings > Account & Security > Two-Factor Authentication.
- Tap Disable 2FA.
- Enter your password.
- Enter the current 6-digit code from your authenticator.
- Confirm. 2FA is now disabled.
Lost access to your authenticator
If you lose access to your authenticator device (lost phone, deleted app, factory reset, etc.), contact us at privacy@bematrx.com from the email address associated with your account.
We'll verify your identity and help you regain access. Please include in your message:
- Your BeMatrx ID or username
- The email address on your account
- A brief description of why you lost access
Backup codes (coming soon)
In a future update, you'll receive a set of one-time backup codes when you enable 2FA. These codes can be used to sign in if you lose access to your authenticator device.
For now, the email recovery process above is the only way to regain access. We recommend taking the following precautions:
- Use an authenticator app that supports cloud backup (e.g., Authy, 1Password) so your codes survive device loss.
- Set up the same authenticator on a secondary device (tablet, secondary phone) if possible.
- Keep your account email address current and accessible.
Security best practices
- Never share your authenticator codes with anyone — BeMatrx will never ask for them.
- Don't take screenshots of your QR code or setup key. Treat them like a password.
- If you suspect someone has gained access to your authenticator, disable 2FA immediately and re-enable it with a fresh setup.
- Use a strong, unique password in addition to 2FA.