Skip to content

Account Security

Featureflip gives you two ways to strengthen how you sign in: two-factor authentication (2FA) adds a one-time code on top of your password, and Sign in with Google lets you use your Google account instead of a separate password. Both are managed from your account, and you can use either, both, or neither.

Two-factor authentication asks for a one-time code from an authenticator app in addition to your password, so a leaked password alone is not enough to sign in. Featureflip uses standard time-based one-time codes (TOTP), which work with any authenticator app — Google Authenticator, 1Password, Authy, and others.

  1. Go to your Profile page.
  2. Find the Two-Factor Authentication card and click Set up two-factor.
  3. Scan the QR code with your authenticator app. If you cannot scan it, enter the shown key into the app manually.
  4. Enter the 6-digit code from your app and click Enable.
  5. Featureflip shows your recovery codes. Save them somewhere safe — see below.

Once enabled, every future sign-in asks for a code from your authenticator app after your password.

When you enable 2FA, Featureflip gives you a set of recovery codes. Each code works once and is your backup way to sign in if you lose access to your authenticator app (for example, if you replace your phone). Store them somewhere separate from your password manager’s 2FA entry — printed, or in a secure note.

If you use some of your codes or want a fresh set, click Regenerate recovery codes on the Two-Factor Authentication card and confirm with your password. Regenerating invalidates your previous codes and replaces them with a new set.

After you enter your email and password, Featureflip prompts for your one-time code. Open your authenticator app, enter the current 6-digit code, and you are signed in. If you cannot reach your authenticator, use one of your recovery codes instead.

  1. Go to your Profile page.
  2. On the Two-Factor Authentication card, click Disable two-factor.
  3. Enter your password to confirm.

Two-factor authentication is turned off, and future sign-ins ask for your password only.

You can sign up and sign in to Featureflip with your Google account instead of a password. On the sign-in screen, click Continue with Google and complete Google’s consent screen. Featureflip creates or signs you into your account from your verified Google email.

  • New to Featureflip? Continuing with Google creates your account from your Google profile — no separate password to set.
  • Already have a Featureflip account under the same email address? If that account’s email is already verified, signing in with Google links to it, so you can use either your password or Google going forward. If the email on the existing account has not been verified, Featureflip will not automatically link the two, as a safeguard against account takeover — verify the account first.

Sign in with Google is social login built on Google’s OAuth. It is separate from enterprise single sign-on (SAML / SCIM), which is available on the Enterprise plan — contact us if your organization needs SAML.

  • Team Management — invite members and manage roles for your organization
  • Audit Log — review changes made across your flags and environments