Enabling 2FA on your patient portal
Add a second factor to your sign-in for stronger protection.
Overview
Two-factor authentication makes your account significantly harder to hack. Your portal supports authenticator apps (Google Authenticator, Authy, 1Password) and passkeys (Touch ID, Face ID, hardware key).
Prerequisites
- Signed-in portal account
- Smartphone or device with biometric (or a hardware security key)
Steps
Open Profile → Security. Side menu → Profile → Security tab.
Click "Set up 2FA". Two options: authenticator app or passkey.
Authenticator app path. Click Set up authenticator app. A QR code appears.
Scan with your authenticator app. Open Google Authenticator (or similar), tap + → Scan QR code, scan.
Enter the 6-digit code. Your app shows a rotating 6-digit code. Type it into the verification field.
Save backup codes. A list of one-time-use backup codes appears. Save these somewhere safe.
Passkey path (alternative). Click Set up passkey. Browser prompts for biometric (Touch ID, Face ID, Windows Hello).
Confirm with biometric. Touch the sensor or face the camera. Passkey enrolled.
Test by signing out and back in. Confirm the 2FA prompt appears.
Expected outcome
- Sign-in now requires both password + 2FA
- Backup codes available for lost-device scenarios
- Your account significantly harder to compromise
Troubleshooting
| Symptom | Likely cause | Fix |
|---|---|---|
| QR code won't scan | Camera issues | Use the manual entry secret instead |
| 6-digit code rejected | Time skew | Sync your phone's clock |
| Lost authenticator app | Use backup code | Or contact clinic to disable 2FA after identity verification |
| Browser doesn't support passkey | Older browser | Use authenticator app instead |
| Want to disable | Profile → Security → Disable 2FA | Possible; reduces security |