Two-factor authentication on Proton VPN
Two-factor authentication (2FA)(new window) adds an additional layer of security to your Proton VPN account by requiring a second round of verification to the login process. To use 2FA, you must have a device with an authenticator app installed on it. The authenticator app creates a one-time, 6-digit code to use as a verification code when you log in.
This means that even if an attacker gets a hold of your password, they cannot log in to your account unless they also have access to your mobile phone. We recommend enabling 2FA on your account to keep your account secure.
Here are some authenticator apps you can download on your mobile device:
Android
iOS
You can now also generate 2FA codes using Proton Pass(new window).
How to set up 2FA
To set up 2FA in your Proton VPN account:
1. Sign in to your Proton VPN account at account.protonvpn.com.
2. Go to Account → Two-factor authentication and toggle the Authenticator app switch on. You’ll be asked to provide password authentication.
3. Click Next to start your 2FA setup.
4. Open your authenticator app on your mobile device, and scan the QR code with your device’s camera.
Note: Do not scan the demo image shown below. Scan the image shown in your account settings.
If you prefer, you can enter the authentication key manually by selecting Enter key manually instead. Use this method for 2FA using the Proton Pass browser extension.
Once you have successfully added your Proton VPN account to your authenticator app, click Next.
5. Enter The one-time 6-digit code generated by your authenticator app, and click Submit.
6. You’ll also receive several one-time recovery codes. Please save these codes in a secure location. If you lose your authentication device, you can enter a recovery code instead of a one-time code generated by your authenticator app. You can only use each recovery code once.
Your 2FA setup is now complete. You can now use the authenticator app on your mobile device to create 6-digit verification codes to access your account.
How to reset 2FA
If you loose access to your Authenticator app (for example, if you lose your phone), you can reset your Proton 2FA. To do this:
1. Sign in to your Proton VPN account at account.protonvpn.com. When you’re asked for a 2FA code, use one of the one-time recovery codes that you saved in Step 6 above.
2. Go to Account → Two-factor authentication and toggle the Authenticator app switch off.
3. Click Disable and provide password authentication.
Once done, your old 2FA codes will no longer work. We strongly recommend setting up 2FA again once you have access to an Authtenicator app. To do this, you’ll need to repeat the process described above.
How to use 2FA with multiple devices
If you wish to receive your 6-digit verification codes on multiple devices — for example, your phone and your tablet — you must install an authentication app on each device.
If you’ve already enabled two-factor authentication, you’ll need to disable it first.
1. Log in to your Proton VPN account at account.protonvpn.com.
2. Go to Two-factor authentication and toggle the Authenticator app switch off. Click Disable and provide password authentication.
3. Toggle the Two-factor authentication switch back on and configure 2FA as described above. At step 4, all devices you want to use to authenticate 2FA must be configured at the same time and using the same QR code or manual authentication key.