Two-Factor Authentication (2FA)
Two-factor authentication adds an extra layer of security to your pCloud account by requiring an additional code when logging in. Even if someone discovers your password, they won't be able to access your account without the security code.
Note: Two-factor authentication requires a valid phone number or authenticator app to receive security codes.
How Two-Factor Authentication Works
With two-factor authentication enabled, you can only access your pCloud account on trusted devices. When logging in from a new browser or device, you'll need to provide:
- Your login credentials (email and password)
- A security code sent via SMS or authenticator app
Methods to Receive Security Codes
You can choose one of the following methods to receive your security codes:
- Text messages and system notifications: Receive codes via SMS on your mobile device or as pCloud notifications on logged-in devices
- Google Authenticator: Access your account even without internet connection using time-based codes from the authenticator app
Note: At the moment, you can only choose one way to receive security codes. To change methods, you need to disable your current two-factor authentication and re-enable it with the preferred method.
Setting Up Two-Factor Authentication
For Text Messages and System Notifications:
- Open my.pCloud and go to Settings > Security
- Toggle Two-factor authentication ON
- Enter your account password for verification
- Enter your phone number
- Enter the verification code you receive and save your Recovery codes
For Google Authenticator:
- Open my.pCloud and go to Settings > Security
- Toggle Two-factor authentication ON
- Enter your account password for verification
- Scan the QR code with Google Authenticator or manually enter the security key
- Enter the security code and save your Recovery codes
Recovery Codes
When setting up two-factor authentication, you'll receive 10 one-time recovery codes. These are essential for emergency access to your account if you:
- Lose your phone
- Can't receive a security code
- Have no devices logged into pCloud
Important: Each recovery code can only be used once. Store them in a safe place. You can view, download, or reset your recovery codes from Settings > Security > Two-factor Authentication > Manage.
Trusted Devices
When logging in with two-factor authentication, you can mark a device as trusted. This means you won't be asked for a security code on that device for the next 30 days.
Security Tip: Only mark devices as trusted if they are yours and safe to use.
Changing Your Phone Number
If you need to update the phone number associated with your two-factor authentication:
- Open my.pCloud and go to Settings > Security > Two-factor authentication
- Click Manage
- Click Change next to your phone number
- Enter the verification code you receive via text message
Troubleshooting
Not receiving a security code?
If you don't receive a code within 15 minutes, click "Can't receive code?" for instructions.
Lost your phone or trusted device?
- Change your account password from Settings > Change Password
- Go to Settings > Security and remove suspicious devices from Logged devices
- Reset two-factor authentication from Settings > Security
Received an SMS code you didn't request?
Someone may be trying to access your account. Take these steps immediately:
- Change your pCloud password
- Change the password of your registered email address
- Remove suspicious devices from Settings > Security > Logged devices
In an area with no cell service?
You can:
- Link pCloud with another device to receive codes as system notifications
- Set your current device as Trusted
- Use a Recovery code for quick access