How to Enable Two-Factor Authentication on Discord

Discord accounts are a frequent target for attackers — hacked accounts are used to send phishing links to friends, steal Nitro subscriptions, and gain access to private servers. Two-factor authentication makes it much harder for an attacker to break into your account even if they have your password. Here is everything you need to know.

How to Enable 2FA on Discord

1. Open Discord on desktop or in your browser and sign in.
2. Click the ⚙ User Settings gear icon at the bottom left.
3. Go to My Account.
4. Scroll down and click Enable Two-Factor Auth.
5. Discord asks for your account password to confirm. Enter it and click Continue.
6. A QR code appears. Open your authenticator app, add a new account, and scan it. Alternatively, click I can't scan the QR code to get a text key you can enter manually.
7. Enter the 6-digit code shown in your authenticator app and click Activate.
8. Discord displays 8 backup codes. Download them and store them in a safe place.

Discord's 2FA Options

Authenticator App (Recommended)

Any TOTP-compatible authenticator works with Discord: Google Authenticator, Authy, Microsoft Authenticator, 1Password, Bitwarden, and others. After entering your password, Discord asks for the 6-digit code from your app. This is the most reliable and secure method for most users.

SMS Backup

After setting up an authenticator app, Discord optionally lets you add a phone number as an SMS backup. This means if you do not have your authenticator app available, Discord can text you a code instead. Note that SMS is less secure than an authenticator app — only enable it as a fallback if you are comfortable with the trade-off.

What Happens After You Enable Discord 2FA

Once 2FA is active, every sign-in from a new device or browser will require both your password and a verification code. Existing sessions on devices you are already signed in to are not affected immediately. You can manage and end active sessions under User Settings → Devices.

In addition to login protection, your account's QR code login feature is disabled when 2FA is active, which prevents an attacker from scanning a malicious QR code to steal your session.

Backup Codes on Discord

Discord provides 8 single-use backup codes when you enable 2FA. Store them in a password manager or somewhere safe offline. Each code can only be used once. If you use all your backup codes or misplace them, you can generate a new set from User Settings → My Account → View Backup Codes. Generating new codes invalidates all previous ones.

Viewing and Generating New Backup Codes

To see your backup codes after setup, go to User Settings → My Account and click View Backup Codes next to the 2FA section. This requires re-entering your password. You can also regenerate fresh codes here if your old ones have been used or compromised.

Lost Access to Discord 2FA?

If you cannot access your authenticator app, click Lost your 2FA code? on the Discord sign-in screen and enter one of your backup codes. If you have no backup codes and no access to the original authenticator, contact Discord support. The recovery process involves verifying your identity as the account owner, which may take several days.

Enabling 2FA Requirement for Your Discord Server

As a server owner, you can require all moderators to have 2FA enabled before they can use moderation actions. Go to your server's Settings → Safety Setup → Moderation and enable Require 2FA for moderator actions. This protects your community from scenarios where a moderator's account gets compromised and used maliciously.