How to set up an authenticator app
Two-factor authentication (2FA) adds a second step to signing in to Baton. After you enter your password, Baton also asks for a short, single-use code — so even if someone learns your password, they can't get into your account without your phone.
That code comes from an "authenticator app": a free app you install on your phone (common ones are Google Authenticator, Microsoft Authenticator, 1Password, and Authy) that generates a new 6-digit code every 30 seconds. You'll link the app to Baton once, and from then on it produces the codes you need at sign-in. This article walks you through that one-time setup.
What you'll need
- An authenticator app installed on your phone. If you don't have one yet, install any of the apps above from your device's app store — they're all free, and any of them works with Baton.
- A few minutes at a computer where you're signed in to Baton.
Setting up your authenticator app
1. In Baton, open your "profile settings" and find the "Two-factor authentication" row.
2. Click "Set up", then click "Add an authenticator app".
3. Give the key a name you'll recognize later — for example, the phone it lives on. Baton fills in a default name you can keep. Click "Create".
4. Open your authenticator app on your phone and choose to add a new account (usually a "+" or "Scan QR code" button). Point your phone's camera at the QR code Baton shows on screen.
5. Your app will display a 6-digit code for Baton. Type that code into the "6-digit code" field.
6. Enter your Baton password to confirm it's you, then click "Verify & activate".
That's it — two-factor authentication is now on. The next time you sign in, Baton will ask for your password as usual, then for the current code from your authenticator app.
NOTE: Can't scan the QR code? Every setup screen also shows a "setup key" (a short string of letters and numbers). In your authenticator app, choose to enter a key manually and type it in instead — it links the app the same way.
Save your backup codes
Right after you set up your first authenticator, Baton shows you a set of "backup codes". These are your safety net: if you ever lose your phone or can't open your authenticator app, you can sign in with one of these codes instead.
A few things to know about them:
- Save them now. Copy them somewhere safe — a password manager is ideal. Baton shows them only once, at setup, and won't display them again.
- Each code works once. After you use a code to sign in, it's spent. You can see how many you have left, and generate a fresh set, anytime from the Two-factor authentication settings.
- Keep them private. A backup code can sign in to your account on its own, so treat them like passwords.
If you ever run low or think a code may have been exposed, regenerate your codes — doing so instantly replaces the old set.
Signing in from then on
At each sign-in, enter your password, then the current 6-digit code from your authenticator app. If you don't have your phone, choose to use a "backup code" instead, or have Baton "email you a one-time code". Any of the three gets you in.
