Two-factor authentication (TFA) makes it especially difficult for anyone other than you (e.g., hackers, exes, et al) to access your Tumblr account. Aside from your regular login info, you'll need a couple extra things to log into your account:
- Your phone (which you've hopefully password-protected)
- A unique, single-use code (sent via text or generated by an authenticator app)
Setting up two-factor authentication
- Click "Settings" under the account menu at the top of the dashboard (the person silhouette). Or head directly to https://www.tumblr.com/settings/account.
- In the Security section, enable “Two-factor authentication.”
- Now decide whether you'd like to receive the code via text or through an authenticator app (we’re into Google Authenticator).
- Follow the steps laid out in the settings page.
Logging in on the web with two-factor authentication
If you've enabled TFA, it should work like this:
- Log into your Tumblr account.
- Once you've received the unique code (either via SMS or through an authenticator app), enter the code in the specified field.
- Voila! You're in!
Logging in through the iOS or Android apps with two-factor authentication
When you have two-factor authentication turned on, you'll need to generate a special one-time-use password in order to log in through your mobile apps. Using either app, you should receive the code via text or through an authenticator app, depending on which method you chose during setup. Don't worry about memorizing that password, by the way. You'll only need it once, and it's really stupid-looking anyway.
Troubleshooting two-factor authentication
One thing to note is that if you haven’t received the code after a few minutes for SMS authentication, you can click on the refresh-arrow icon next to “Enter auth code” to send another one.
If you're not receiving a code for an authenticator app, check again in a minute or so.
Still no code? Check that the time on your device is accurate for your current location, and that it's set to automatically update. Also make sure that your device is not in sleep, airplane or "do not disturb" mode.
Disabling two-factor authentication
We strongly advise against this. Your account is far less likely to get compromised if you've enabled two-factor authentication. But if you must, go ahead and turn it off again in your account settings, and we'll ask you to enter your account password to make sure it's really you. You'll then be able to log in to your account without the extra verification step. If you would like to re-enable it at any point, you'll have to go through the setup process again.
Recommended authentication apps