×

Secure your ClickUp account

/ ClickUp / By

How to update two-factor authentication in ClickUp

Protecting your ClickUp account with two-factor authentication (2FA) adds a vital security layer to your workspace. This guide walks you through updating, resetting, and removing 2FA so you can keep access to your tasks and docs secure, even if you lose your device.

What two-factor authentication does in ClickUp

Two-factor authentication requires a second verification step in addition to your password when you sign in. In ClickUp, this means that after entering your email and password, you also confirm your identity using a code or a security key.

Using 2FA greatly reduces the risk of unauthorized access, even if someone discovers your password. It is especially important for admins and members who manage sensitive projects or client information.

Methods to secure your ClickUp login

You can protect your account using industry-standard verification methods supported by the platform. These options give you flexibility depending on your device and security needs.

Authenticator app for ClickUp sign in

An authenticator app generates time-based one-time passwords (TOTPs) for signing in. Common apps include Google Authenticator, Authy, and Microsoft Authenticator. Using an app is one of the most reliable ways to secure your ClickUp login because the codes are stored on your device and rotate frequently.

FIDO2 or U2F security key for ClickUp

A physical security key is a hardware device that verifies your identity. When you sign in to your ClickUp account, you connect the key or tap it, depending on the device type. This method is resistant to phishing attacks and is ideal for people who need strong, hardware-backed security.

Update your two-factor authentication in ClickUp

You may need to update 2FA if you switch phones, change authenticator apps, or add a new security key. Follow these steps to adjust your settings safely.

Change your authenticator app in ClickUp

Use this process when moving from one authenticator app to another or setting up 2FA on a new device.

  1. Sign in to your account using your current 2FA method.

  2. Open your personal settings from your avatar in the bottom-left corner of your workspace.

  3. Go to the security or two-factor authentication section.

  4. Disable your current authenticator app option following the on-screen instructions.

  5. Re-enable two-factor authentication with your new authenticator app by scanning the QR code or entering the setup key provided.

  6. Confirm the change by entering the verification code generated by the new app.

After these steps, only your new authenticator app will produce valid login codes for your ClickUp account.

Update a security key in ClickUp

If you replace, lose, or add a security key, you should update your 2FA configuration immediately.

  1. Log in using your existing 2FA method, such as your authenticator app or your current key.

  2. Open your personal settings and navigate to the two-factor authentication area.

  3. Remove any security keys you no longer use.

  4. Add your new FIDO2 or U2F key by following the prompts in your browser.

  5. Test the new key by signing out and signing back in to confirm it works correctly.

Maintaining updated keys ensures that hardware-based protection for your ClickUp workspace stays effective.

Reset two-factor authentication when locked out

If you lose access to your 2FA device or security key and cannot sign in, you need to reset two-factor authentication. This process safeguards your ClickUp account by confirming your identity before removing the old 2FA configuration.

Use backup options for your ClickUp account

When you first set up two-factor authentication, you may receive backup or recovery options. Keep them safe because they make account recovery easier.

  • Store backup codes in a password manager or secure document.

  • Register more than one security key so you have a spare.

  • Install your authenticator app on a secondary device if supported.

If these options are available, follow the recovery instructions provided during login. Doing so restores access without compromising security.

Contact support to regain ClickUp access

If you cannot use backup codes or a secondary key, you may need help from support. When submitting a request, provide as much accurate information as possible so the team can confirm you are the rightful account owner.

  • Use the same email address that you use to sign in.

  • Be ready to verify workspace details, such as workspace name or billing information, if requested.

  • Explain how you lost access to your previous 2FA method.

After verification, support can guide you through safely resetting 2FA for your ClickUp account so you can sign in again.

Remove two-factor authentication in ClickUp

Removing 2FA is not recommended because it weakens your security, but there may be cases where you need to disable it temporarily. Always enable a secure method again as soon as possible.

Turn off 2FA from your profile in ClickUp

Use these steps to remove two-factor authentication from your own profile.

  1. Sign in with your current 2FA method.

  2. Open your personal settings in the workspace.

  3. Go to the dedicated two-factor authentication section.

  4. Choose the option to disable your authenticator app, security key, or both.

  5. Confirm the change when prompted.

Once disabled, your ClickUp sign in will only require your email and password. Re-enable 2FA soon to keep your workspace secure.

Workspace considerations for ClickUp admins

Admins should consider the impact on workspace security before advising members to remove 2FA. For teams working with private or client data, encourage every member to keep some form of two-factor authentication active.

  • Create internal guidelines for using authenticator apps or security keys.

  • Offer guidance on storing backup codes securely.

  • Review access policies regularly to align with your security requirements.

Best practices for managing 2FA in ClickUp

Staying secure is an ongoing process. Follow these practices to keep your account and workspace safe while minimizing the risk of lockouts.

  • Register both an authenticator app and at least one security key when possible.

  • Update your authenticator app when you change or reset your phone.

  • Store security keys in safe locations but still accessible when needed.

  • Review your two-factor settings periodically to remove old devices.

  • Educate your team about phishing and never sharing 2FA codes.

More resources for ClickUp security

For the official, most up-to-date details on updating two-factor authentication, visit the original help center article: Update two-factor authentication.

If you are designing broader processes around workspace configuration, automation, or documentation, consider expert implementation guidance and consulting resources such as Consultevo for structured rollout strategies.

By keeping two-factor authentication properly configured and maintained, you ensure that only authorized users can access your ClickUp environment, while still preserving convenient and reliable sign-in for your team.

Need Help With ClickUp?

If you want expert help building, automating, or scaling your ClickUp workspace, work with ConsultEvo — trusted ClickUp Solution Partners.

Get Help

“`

Verified by MonsterInsights