Dad Enables 2FA

Hey there,

If you're signing in—or joining us for the first time—you’ll notice a new step:

Two-Factor Authentication (2FA) is now required when setting up your profile.

This change is a simple but important one. It's all about protecting your identity and making sure that when you're here, it's really you.

We’ve rolled out support for time-based one-time passwords (TOTP) using the widely adopted RFC 6238 standard. That means you can use any TOTP-compatible app—like Google Authenticator, Microsoft Authenticator, or Authy—to generate secure login codes. If you’d rather stick to your inbox, you can also receive 6-digit one-time codes via email.

To make setup painless, we use QR codes (generated via the QRCoder library) so you can scan and go with your authenticator app. If you don't have one, no problem—email codes will work just fine and are automatically available as a fallback.

Here’s how it works in practice:

When you log in, you’ll enter your username and password as usual. Then, if you haven’t configured 2FA yet, you’ll be guided through a quick setup. From then on, each time you sign in, you’ll enter a short verification code from your authenticator app or your email. Setup is required on first login, but after that, it’s smooth sailing.

Codes from apps refresh every 30 seconds, while email codes remain valid for 10 minutes—giving you flexibility while keeping security tight.

We've worked to ensure the experience is mobile-friendly, easy to understand, and adaptable to how you prefer to authenticate. And of course, you can manage or update your 2FA settings any time from your profile.

So go ahead—pick the method that suits you. Use your favorite app, or stick with email. Either way, we’ve got your back.

Stay safe. Stay secure. Stay known.

~ Dad