Two-factor authentication (2FA)
A second login factor — TOTP authenticator app, SMS, and backup codes — is on the roadmap.
Today
Mintoor's default auth is passwordless magic links — we email you a single-use link to log in. Control of your email is the factor that protects your account today.
That means:
- Lock down your email account with a strong password and your email provider's own 2FA (Gmail, iCloud, etc. all offer it)
- Don't reuse the email password anywhere else
- Treat the magic link emails as sensitive — don't forward them
Coming soon��
A real second factor inside Mintoor:
- TOTP authenticator app (Google Authenticator, Authy, 1Password)
- SMS code (lower-security backup option)
- Backup recovery codes for when you lose your phone
We'll roll this out for Crew tier first, then everyone.
Still stuck?
- Account compromised? Email hello@mintoor.com immediately and we'll lock the account while we sort it out.