# Manage Two-Factor Authentication

Two-factor authentication (2FA) adds a second check on top of your password when you sign in, so an attacker who steals your password still cannot get into your account. Once 2FA is set up, you can adjust it at any time from the Cloud Voice App. This page covers removing a trusted device, switching to a different verification method, and turning the feature off entirely.

Each of these tasks starts from the same place: in the Cloud Voice App, click your account name in the top-right corner, then choose **Change Password & Security > Security Settings**.

## Remove a trusted device

A trusted device is one you told the app to remember, so it skips the second verification step on that device. Remove a device from the list when you no longer have access to it (for example, a lost, stolen, or replaced phone or computer) so it can no longer bypass verification.

1. Open **Change Password & Security > Security Settings** from your account menu.

   Every device you have trusted appears under **Trusted Device List**.

   
   ![Cloud Voice, Security Settings showing the Trusted Device List with an entry for each remembered device](/images/pbx/manage-trusted-devices.png)

2. Next to the device you want to drop, click the delete icon ![Delete icon](/images/pbx/delete.png).
3. Confirm by clicking **OK** in the dialog that appears.

:::caution
If a trusted device is lost or stolen, remove it right away. Until you do, whoever holds it can sign in with just your password and skip the second verification step. After removal, that device is prompted for full verification again the next time it signs in.
:::

## Change the verification method

You can swap your current second-factor method for a different one whenever you like (for example, moving from email codes to an authenticator app).

1. Open **Change Password & Security > Security Settings** from your account menu.
2. Click the edit icon ![Edit icon](/images/pbx/edit.png) next to the method currently in use.
3. Pick the method you want, then fill in the settings it requires.

:::caution
Confirm you can actually receive codes on the new method (for example, that the authenticator app is set up or the email inbox is reachable) before you finish. If the new method does not work, you could be locked out at your next sign-in.
:::

## Disable two-factor authentication

Turning the feature off means only your password protects sign-in, so leave it on unless you have a specific reason to remove it.

1. Open **Change Password & Security > Security Settings** from your account menu.
2. Clear the **Two-Factor Authentication** checkbox.
3. When the **Password** window appears, type your account password and click **Confirm** to verify it is you.
4. Back on the **Security Settings** tab, click **Save**.

   An "Edited successfully." message confirms that two-factor authentication is now off.

:::caution
Disabling 2FA weakens account security: a stolen or guessed password is then all someone needs to get in. If you must turn it off (for example, while troubleshooting), re-enable it as soon as you can.
:::

:::note
The password prompt in step 3 is a safeguard, not an extra sign-in. It confirms the person disabling 2FA is really you before the setting can change.
:::
