Multi-Factor Authentication (MFA for short) is a great way to add an extra layer of security to your Discord account to help you stay in control of logging in.
Types of Multi-Factor Authentication
Discord supports three types of MFA: Security Keys (Passkeys), Authenticator App, and SMS. We recommend setting up a Security Key , but you can choose any combination of these options to secure your Discord account, and you’ll always have Backup Codes in case you lose access to your MFA device.
Passkeys and Security Keys
Discord supports the newest standards for authentication: Passkeys and Security Keys, an easier to use and more secure way to sign into your account! Passkeys are encrypted digital keys you create using your fingerprint, face, or screen lock, and they can be stored in your password manager so you can sign in to your account on other devices with the installed password manager. When you log into Discord, your device will prompt you to use the passkey the same way you created it (e.g., with Face ID), then you’re logged in! No password needed.
This method is one of the best ways to protect your account because it is simple to use, on your own devices, backed up in the cloud, and most importantly, phishing resistant. To get started, go to your User Settings, go to Account, tap Security Keys, then Add to enroll a Passkey on your device.
For more information and detailed instructions on how to enroll a Passkey, check out Security Keys, Passkeys, and Passwordless Login on Discord.
Authenticator App
An Authenticator App, or Time-based One-Time Password (TOTP), is an established industry standard for MFA. When you register an Authenticator App with Discord, you scan a QR code or manually enter a secret in a dedicated app (like Google Authenticator) or password manager. That app will then generate a new code every 30 seconds - whenever you want to log in to Discord, you’ll need to provide that generated code.
Keep these generated codes safe! Anyone with your password and a recently-generated code can log into your account. Additionally, not all Authenticator Apps support syncing across devices or on the cloud - if you lose your phone and don’t have access to your Authenticator App backup codes, you might not be able to log into your Discord account!
For more information and detailed instructions on how to enroll an Authenticator App, check out Using an Authenticator App on Discord.
SMS/Texts
To be transparent, SMS MFA is better than no MFA, but not by a lot. Hackers have advanced a lot in recent years - they can intercept text messages and take over phone numbers without anyone realizing by performing a “SIM Swap” directly with carriers.
While we do support SMS MFA, we don’t recommend it - and it can only be enabled once you’ve already set up an Authenticator App.
Backup Codes
What happens when the worst case scenario happens? You’ve registered your security key, but your laptop’s been stolen; or configured your Authenticator, but lost your phone. How can you regain access to your account? With Discord Backup codes!
Backup codes are special one-time use codes we give you after signing up for MFA. Keep these secret and well-protected. We recommend storing them in a password manager, but you can also print them out and hide them if you’d prefer.
If you are locked out of your account and need to get past MFA, you can use one of these codes in order to recover and reconfigure your account. Each code can only be used once, so once your account is under your control again with new MFA configured, generate some new codes and hide them away safely again.
I forgot to download my codes
It's all good, you can still do this in your account settings! Your settings screen will now look something like this:
1. Tap on the cogwheel [] in the bottom-left corner to access User Settings then make sure you’re under My Account.
2. Select View Backup Codes to see your codes (and which one’s you’ve used) as well as get the option to download them.
I forgot to add my phone as backup
No worries again! Head back to your account and press the Enable SMS Authentication button.
Verify that number in Discord.
Now, after you login with username + password, you’ll get an additional screen like this:
Just enter the code from your text message and you’re in!
Now when you login, if the feature is enabled, you will have a link to request an SMS with a code to authenticate yourself as a backup option.