Skip to content

Multi-factor authentication

Enable multi-factor authentication (MFA) to keep your PlanetScale account secure.

Overview

Multi-factor authentication (MFA) provides better safety for your databases and prevents unauthorized access to your user account. MFA strengthens security by requiring two or more methods (i.e. authentication factors) to verify your identity.

PlanetScale allows users logging in with an email address and password to set MFA as a requirement for logging into the user account.

If you're authenticating via GitHub OAuth or SSO, MFA settings will not be displayed.

Authentication providers

PlanetScale supports login with a unique time-based one-time password (TOTP) that is generated for your user account by using TOTP apps such as 1Password, Authy, or LastPass Authenticator.

Enable MFA

You can enable MFA for your user account under your PlanetScale account settings.

  1. Go to your PlanetScale account settings page.

  2. Find the Security row and click the "Setup multi-factor authentication" button.

Click the "Setup MFA" buttonClick the "Setup MFA" button

This will bring up a pop-up modal with a QR code and some recovery codes that you will need to copy.

Pop-up modal with QR code and recovery codesPop-up modal with QR code and recovery codes

  1. Scan the QR Code with your preferred TOTP app and enter the generated code.

  2. Press "Validate OTP" to ensure that your application setup is correct.

  3. Once the generated code is validated, click the Copy button in the recovery codes section.

Copy the recovery codesCopy the recovery codes

Recovery codes are only visible during the MFA setup process. Make sure the recovery codes are copied and saved some place secure before continuing.
  1. Click Done to close the pop-up modal.

Login with two-factor authentication

Once you've enabled MFA in your PlanetScale user account, the next time you login, you'll be prompted to enter your two-factor authentication (2FA) code.

  • Use the OTP code generated by your preferred TOTP app to login to your PlanetScale account.

Recovery code login

The recovery codes shown during the MFA setup are crucial to regain access to your account, in the event that you lose the device that you used to setup your TOTP application and create authentication codes.

You can use one of the recovery codes in the place of a TOTP token in the second screen during login.

Disable MFA

We strongly recommend that you do not disable MFA to avoid unauthorized access to your user account.
Effects of disabling MFA:
  • Any devices setup with the QR code for your account will no longer be able to produce valid OTP tokens.
  • Any recovery codes that were generated when MFA was enabled will no longer be valid.

You can disable MFA for your user account under your PlanetScale account settings.

  1. Go to your PlanetScale account settings page.

  2. Click the Disable button next to "Multi-factor authentication enabled" in the Security row.

Click the "Disable" buttonClick the "Disable" button

  1. Enter an OTP code or one of the recovery codes generated by your preferred TOTP app to confirm.

Disable MFA pop-up modalDisable MFA pop-up modal

  1. Click the Disable button to close the pop-up modal.

Need help?

Get help from PlanetScale's support team, or join our GitHub Discussion board to see how others are using PlanetScale.

Was this page useful?
Last updated on October 15, 2021
Help us improve this page
PrivacyTerms© 2021 PlanetScale Inc.