Two-factor authentication adds a second step to login. Lattica supports authenticator apps, security keys, and (on Business and above) workspace-wide enforcement.
Authenticator apps
The recommended option for individuals. Open Account → Security → Add 2FA, scan the QR code with any TOTP app — 1Password, Authy, Google Authenticator, Bitwarden, Microsoft Authenticator — and enter the six-digit code to confirm.
Lattica issues ten one-time recovery codes after setup. Save them somewhere offline. If you lose access to your authenticator, recovery codes are how you get back in without contacting support.
Security keys (WebAuthn)
For higher-assurance setups, add a hardware key — YubiKey, Titan, or any FIDO2-compliant device. From the same Security page, click Add security key and follow the browser prompt. You can register multiple keys (a primary and a backup is the usual pattern).
Phones with platform authenticators (Touch ID, Face ID, Windows Hello, Android biometrics) also work as security keys.
Workspace enforcement
Admins on Business and Enterprise plans can require 2FA for everyone in the workspace. Settings → Security → Require two-factor authentication. Existing members get a 14-day grace period to enroll; new members enroll on first login.
Members who don’t enroll within the grace period lose workspace access until they do — they can still log into Lattica itself, but every workspace request fails until 2FA is set up.
Lost device
If you lose your phone or key and don’t have recovery codes:
- Try logging in from a previously trusted device — sessions remain valid for 30 days.
- If no trusted session exists, contact your workspace admin. They can reset 2FA for your account after verifying identity through an out-of-band channel (a short call, Slack, etc.).
- For solo workspaces with no other admin, email support@lattica.app — recovery requires identity verification and takes 1-2 business days.