Skip to main content

How to Set Up Two-factor Authentication (2FA) in PayHOA

Protect your PayHOA account with two-factor authentication. How to enable 2FA, log in with a one-time code, and manage trusted devices.

Written by Stephen Woodall

Two-factor authentication (2FA) adds a second step to logging in: after your password, PayHOA asks for a one-time code from your phone. Even if someone learns your password, they can't access your account without the second factor. We strongly recommend turning it on, especially if you manage payments, vendors, or other people's access.

Why it matters

Your password alone can be exposed in ways outside PayHOA's control: a reused password from another site's breach, a phishing email, or malware on a device. 2FA means a stolen password isn't enough on its own. If your account can create vendors, schedule payments, or manage other users, this protection matters even more.

The two methods

PayHOA offers two options. You can enable either one or both.

Method

What you need

Best for

Authenticator app (recommended)

A free app like Google Authenticator, Microsoft Authenticator, or Authy

Strongest option. Works even without cell signal

Text message (SMS)

A mobile phone number that can receive texts

Simplest to set up

We recommend the authenticator app as your primary method, because text messages can occasionally be delayed or intercepted.

Where to find your security settings

  1. Open your account menu in the top-right corner and go to Settings.

  2. Select the Security tab (alongside User Settings, Wallet, Notifications, and Autopay).

  3. On this page you'll find Update Account Password at the top and, below it, Two-Factor Authentication with two options, Google Authenticator and Text Message (SMS) Authentication, each showing whether you're currently enrolled.

The Security tab under Settings — enable Google Authentication or Text Message (SMS) Authentication here.

Option A — Set up an authenticator app

  1. Under Two-Factor Authentication, enable Google Authenticator.

  2. Open the authenticator app on your phone.

  3. Tap the plus (+) button to add a new account, then select Scan a QR code.

  4. Scan the QR code shown on screen, then click Next. (If you can't scan it, you can type in the setup key shown below the code instead.)

  5. Enter the 6-digit code displayed in your authenticator app to confirm and save.

That's it. You'll now be asked for a code from this app each time you log in.

Option B — Set up text message (SMS)

  1. Under Two-Factor Authentication, choose Enable SMS for Text Message (SMS) Authentication.

  2. Enter the mobile phone number that should receive your codes.

  3. Enter the verification code texted to that number to confirm and save.

Logging in with 2FA

After you enter your email and password, PayHOA will prompt you for your one-time code. Open your authenticator app (or check your texts), enter the current code, and you're in. Codes refresh every 30 seconds, so always use the most recent one.

Trusted devices

When you log in, you can mark a browser you control as trusted so PayHOA won't prompt for a code on it for 30 days. Only trust browsers on private devices, never a shared or public computer. You can review trusted browsers and Revoke any of them (or Revoke All) anytime from the Security tab.

If you lose access to your second factor

If you get a new phone or lose access to your authenticator app or phone number:

  • If you can still log in, open your account menu → Settings → Security and re-enroll a new authenticator app or phone number.

  • If you're locked out, use Forgot Password on the login screen, or contact your association administrator. For added safety, reach out to PayHOA support to verify your identity before restoring access.

Tip: enabling both an authenticator app and SMS provides a backup if you lose one.

Who should turn this on

Two-factor authentication is available to everyone with a PayHOA login — administrators, board and committee members with custom permissions, and homeowners alike. We strongly recommend it for any account that can manage payments, vendors, accounting, members, or documents, since those accounts are the most valuable to attackers. But every account benefits: 2FA protects your login even if your password is exposed somewhere else. If you're an administrator or hold custom permissions, please turn it on today.

Frequently asked questions

Does 2FA cost anything? No. It's free, and authenticator apps are free to download.

Do I need a smartphone? An authenticator app needs a smartphone or tablet. If you don't have one, SMS to any text-capable mobile phone works.

Will I have to enter a code every time? Only on devices you haven't marked as trusted. On a trusted personal device, you won't be prompted every time.

I have a new phone, what do I do? Log in (if you still can) and re-enroll under account menu → Settings → Security. If you're locked out, use Forgot Password or contact support to verify your identity.

Is my information safe in PayHOA? Yes. Payment details are handled by our PCI-compliant processor and never stored by PayHOA. 2FA adds protection for your login specifically. (See also: PayHOA Security.)


Need a hand? Reply here or reach out to PayHOA Support and we'll walk you through it.

Did this answer your question?