How can I set up two-factor authentication for my HubSpot login?

Last updated: March 21, 2018

Available For:

Marketing: Starter, Basic, Pro, Enterprise
Sales: Starter, Professional
Service: N/A

Two-factor authentication adds an extra layer of security on top of your username and password when logging into HubSpot by requiring verification of the login through a second linked device, such as an SMS message or Google Authenticator.

How is two-factor authentication more secure?

Because two-factor authentication requires that someone logging into an account has access to a physical object belonging to the account owner only, the risk of a potential intruder gaining access to your account is much lower. 

How can I enable two-factor authentication? 

First, keep in mind that HubSpot’s two-factor authentication is only enforced for logins using your HubSpot username and password. It cannot be used if you're using Google to sign into HubSpot.

To set up two-factor authentication in HubSpot:
  • Log into HubSpot and click your photo or avatar in the top right-hand corner, then click Profile & Preferences.  

  • In the left sidebar menu, click Security.
  • In the Two-step verification section, click Set up primary method and follow the on-screen instructions. You’ll need access to the device you intend to use as your other login method (e.g., your mobile phone with SMS or the Google Authenticator app). 

  • Once two-factor authentication is set up, you'll be prompted to enter a code that is delivered to your device. 
  •  After setting up your primary method, click Set up secondary method and follow the on-screen instructions. 

Please note: if possible, enable both a primary and secondary method, and make sure to set up and download your backup codes. Without a secondary method set up, if you lose all your two-factor authentication methods, you won't be able to access your account until HubSpot Support resets your two-factor authentication. This can take up to 72 hours. Additionally, please be sure to save and download backup codes when you enable two-factor authentication in case you lose access to your primary and secondary verification methods.

Was this article helpful?