Skip to main content

Multi-Factor Authentication (2FA) Best Practices

Learn best practices for securing your Goodshuffle Pro account with multi-factor authentication (2FA), password managers, and encrypted recovery codes.

Written by Jake Scotto
Updated this week

This feature is available on all Goodshuffle Pro Plans.

Good account security isn't about one thing — it's about layers. If one fails, the others still protect you. These three practices work together to keep your Goodshuffle Pro account secure.

There are three key pillars to staying secure online:

  • Always use 2FA through an app

  • Use a password manager

  • Save your backup codes somewhere encrypted

1. Use 2FA Through an Authenticator App, Not SMS

Text message codes can be intercepted through a technique called SIM swapping. An authenticator app generates codes locally on your device, making them far more secure.

Recommended apps:

🚫 Never back up your authenticator app to your email

If your email is compromised, a bad actor would have access to both your password reset link and your 2FA codes.

2. Use a Password Manager

A strong password is one that's impossible to guess — which also means it's impossible to remember. Password managers generate and store complex passwords for you, so every account gets a unique one.

Passwords should be random, complex, and unmemorable. Benefits include:

  • Randomized password generation

  • Secure storage across devices

  • Shared vaults (great for families or teams)

The Goodshuffle team uses 1Password, which offers team vaults and family plans.

Other solid options: Bitwarden (free), Dashlane, or iCloud Keychain for Apple users.

💡 If you can remember your password without the manager, it's not strong enough.

3. Store Your Recovery Code Safely (and Separately)

Your 16-digit recovery code is a single-use backup that lets you access your account if you lose your phone. Keep it in a secure, accessible place, but separate from your other credentials.

💾 Where to store your recovery code

  • Password-protected Notes on Mac (Notes → Lock Note)

  • An encrypted folder on a Windows PC (right-click → Properties → Advanced → Encrypt)

  • Printed and kept in a locked drawer

🚫 Where NOT to store your recovery code

  • Your password manager — if it's ever breached, both your password and backup are exposed

  • Your email — email is a common attack vector

  • A shared or cloud-synced document

If you are an Admin or another user on an account who has lost access to your Recovery Code? Please ask your Account Owner to generate a new code for you.

Before You Switch Phones

Getting a new device is the most common reason people get locked out of 2FA. Before you wipe or trade in your old phone:

  • If using Authy: enable multi-device support and add your new phone before removing the old one

  • If using Google Authenticator: use the Transfer Accounts feature (open app → three dots → Transfer accounts → Export accounts)

  • If you've already switched phones: use your recovery code to log in and re-enroll.

Want to Enable 2FA in Goodshuffle Pro?

You can follow these steps to enable 2FA for your login and require it for your team.

Need Additional Support?

Click the blue chat bubble in the bottom corner of your screen to message our support team—we’re happy to help!

Related Articles
How Can I Maximize My Goodshuffle Pro Account Security?
How Account Owners Can Require Two-Factor Authentication for All Users
How to Set Up Two-Factor Authentication (2FA) with an Authenticator App
Two-Factor Authentication (2FA) Frequently Asked Questions
Manage Two-Factor Authentication Recovery and Setup in Goodshuffle Pro
Did this answer your question?