Two-Factor Authentication (2FA) adds an extra layer of security to your TalentLMS account by requiring a second verification step when users sign in.
Following the upcoming March 2026 release, 2FA will be mandatory for all users with administrative permissions. Administrators can also choose to enable 2FA for Instructors and Learners.
In the following sections, you can find guidelines on how to set it up and how it works:
A. Setting up Two-Factor Authentication as an Admin
B. Configure Two-Factor Authentication settings for Admins, Instructors and/or Learners
C. Resetting Two-Factor Authentication for other users
D. Reconfiguring your own Two-Factor Authentication
| Note: Two-Factor Authentication applies only to users who sign in with their username and password. Users authenticated through SSO, social login, or API integrations are not required to complete the 2FA flow. |
Users can authenticate using:
- an Authenticator app (OTP-based)
- an Email verification link (available for users with administrative permissions)
| Note: For users to configure their own 2FA, they must have the Profile > View permission enabled. See here for more information on TalentLMS user types. |
A. Setting up Two-Factor Authentication as an Admin
When 2FA is required for your account, TalentLMS prompts you to configure it after signing in.
1. Sign in to your TalentLMS account using your username and password, and on the Set up two-factor authentication (2FA) window, select your preferred method (1) from the drop-down list:
- Authenticator app
- Email verification link (only for users with administrative permissions)
2. Click Continue (2).
Complete the setup based on the method you selected:
Authenticator app
You can use any authenticator application that supports TOTP (One-Time Passwords), such as Google Authenticator, Microsoft Authenticator, Authy, or any TOTP-compatible app.
1. Select Authenticator app and click Continue.
2. Scan the QR code (1) using your authenticator app. If you cannot scan the code, enter manually the key provided (2).
3. Enter the confirmation code generated by your authenticator app in the Confirmation code (3) field.
4. Click Verify & enable (4) to complete the setup.
Your authenticator app is now linked to your TalentLMS account.
Email verification link
Users with administrative permissions can authenticate using a link sent to their email address.
1. Select Email (1) and click Continue (2).
2. TalentLMS sends a secure login link (3) to your registered email address. Open the email and click the verification link to complete the setup.
| Note: Each link can be used once, and expires after 10 minutes. |
Backup codes
After completing the 2FA setup, TalentLMS generates and shows you your backup codes.
Use these codes if you lose access to your authenticator device.
- Backup codes do not expire.
- Each code can be used once.
- When all codes are used, 2FA must be reset to generate new ones.
Store your backup codes in a safe location.
B. Configure Two-Factor Authentication settings
To configure Two-Factor Authentication settings for your portal:
1. Sign in to your TalentLMS account as an Administrator and go to Account & Settings (1).
2. From the Basic settings tab, scroll down to the Security (2) section.
3. From there, you can configure 2FA separately for each user type (3).
Two-Factor Authentication for Admin users
Two-Factor Authentication is required for all users with administrative permissions. Admins can authenticate using an authenticator app, or an email verification link.
You cannot disable 2FA for admin roles, but you can configure the trusted device duration:
1. Sign in as an Administrator and go to Account & Settings > Basic Settings > Security.
2. Click Two-Factor Authentication - Administrator (1).
3. Check the box Allow to "trust this browser" for (2), if desired.
5. From the Trust period (3) drop-down list, choose the number of days:
- 7 days
- 14 days
- 30 days
| Note: If the trust this browser option is disabled, users must verify their identity every time they log in. |
6. Click Save at the bottom of the page.
| Note: 2FA configuration is managed from the main domain, so branch administrators cannot configure 2FA settings. For Admin users, the configuration applies to the main domain and all branches. For Instructors and Learners, Administrators can choose whether the configuration applies to all branches or specific branches. |
Two-Factor Authentication for Instructors and/or Learners
Non-Admin user types can authenticate using an authenticator app.
To enable or disable 2FA for non-Admin roles:
1. From the Two-Factor Authentication settings, select the user type (1) you want to configure (e.g., Instructor).
2. Check the Enabled (2) box to activate 2FA for that role.
3. Check the box Allow to "trust this browser" for (3) if you want users to skip verification on trusted devices.
4. From the Trust period (4) drop-down list, choose the number of days:
- 7 days
- 14 days
- 30 days
| Note: If the trust this browser option is disabled, users must verify their identity every time they log in. |
5. From the Apply to branches (5) dropdown list, select if you wish this option to be applied to:
- All current and future branches
- Specific branches
- None
| Note: If 2FA is enabled in either the main domain, or one of the restricted branches, then the user needs to authenticate via 2FA when logging in, regardless of which environment they’re logging in to. |
6. Click Save at the bottom of the page.
C. Resetting Two-Factor Authentication for other users
Depending on their user role, different users can reset 2FA settings for other users:
- Admins can reset 2FA for Instructors and Learners.
- SuperAdmins can reset 2FA for Admins.
- The Account Owner can reset 2FA for SuperAdmins and Admins.
| Note: Account Owner 2FA can only be reset by the TalentLMS Support team. Here’s how to contact us. |
To reset 2FA for another user:
1. Sign in to your TalentLMS account, go to Users and click Edit next to the user you wish to reset 2FA for.
2. In the user’s profile > Info (1) tab, scroll down to the Two-Factor Authentication (2FA) section and click Reset 2FA (2).
3. In the new window, click Reset again to confirm your choice.
This action cannot be undone and the user will now have to reconfigure their 2FA settings the next time they log in.
D. Reconfiguring your own Two-Factor Authentication
To reset your own 2FA:
1. Sign in to your TalentLMS account, and go to My info (1).
2. Scroll down to the Two-Factor Authentication section and click Reconfigure 2FA (2).
3. Enter your password (3) in the relevant field, and click Continue (4).
4. Select a 2FA method (authenticator app, or email verification link if available), and complete the reconfiguration.