Two-Factor Authentication & Passkeys

Two-factor authentication (2FA) and passkeys protect your TheraTap account beyond just a password. You set up both under Settings → Security, and you can change them at any time.

---

At a glance

Authenticator app

An additional 6-digit code from an app such as Google Authenticator, Microsoft Authenticator or 1Password on every sign-in.

Passkeys

Passwordless sign-in with your fingerprint, face or device PIN – fast and phishing-resistant.

Recovery codes

One-time codes as emergency access in case you lose access to your authenticator app.

Change anytime

2FA and passkeys can be enabled, added and removed independently of each other.

Note

2FA and passkeys are optional. You decide whether and which method to use. For security, TheraTap asks for your password again before these actions.

---

Set up an authenticator app

1. Open Settings → Security and click Enable in the “Two-factor authentication” section.
2. Confirm your password for security.
3. Scan the displayed QR code with your authenticator app (or type the key in manually).
4. Enter the 6-digit code from the app and confirm.
5. Note or save the recovery codes shown afterwards in a safe place.

From now on, TheraTap asks for your authenticator code on every sign-in.

Caution

Keep your recovery codes safe – each code works exactly once. They are your emergency access if you lose your phone.

View or regenerate recovery codes

Under Settings → Security → Show recovery codes you can view the codes again or create a fresh set via Regenerate. The old codes then become invalid.

Disable two-factor authentication

In the same section, click Disable and confirm your password.

---

Using passkeys

A passkey replaces your password with your device’s unlock method – such as Touch ID, Face ID, Windows Hello or your phone’s PIN. Passkeys are bound to your device and cannot be phished.

Add a passkey

1. Open Settings → Security and click Add passkey in the “Passkeys” section.
2. Give it a name (e.g. “MacBook” or “iPhone”) so you can recognise it later.
3. Confirm the prompt from your browser or operating system (fingerprint, face or PIN).

The passkey then appears in the list. You can register several passkeys for different devices.

Sign in with a passkey

On the sign-in page, tap Sign in with a passkey and confirm the device prompt – no password needed.

Remove a passkey

In the passkey list, click Delete on the relevant entry and confirm your password.

Tip

Passkeys work in current versions of Safari, Chrome, Edge and Firefox. If your browser does not support passkeys, TheraTap hides the section with a note – use the authenticator app instead.

---

Frequently asked questions

Do I need both – an authenticator app and a passkey? No. Both methods are independent. Many people use passkeys for fast sign-in and keep the authenticator app as an additional safeguard.

I lost my phone – how do I get in? Sign in with one of your recovery codes (choose “Use a recovery code” on the code entry screen) or with a passkey on another device.

Does 2FA apply to my whole team? Each person enables 2FA and passkeys for their own account.