🔑 2FA Setup Guide

Download and install a reputable TOTP authenticator application on your mobile device. Recommended options include Aegis Authenticator (Android, open-source, supports encrypted backups), Tofu (iOS, open-source), or KeePassXC (desktop, integrates with your password manager). Avoid cloud-synced authenticators like Google Authenticator or Authy, as they create additional attack surfaces. The authenticator generates a new 6-digit code every 30 seconds based on a shared secret.

In TorZon Market, navigate to Account Settings → Security → Two-Factor Authentication. The market will display a QR code and a text-based secret key. Scan the QR code with your authenticator app, or manually enter the secret key if scanning is not available. After adding the entry, your app will immediately begin generating 6-digit TOTP codes. Enter the current code displayed in your app to verify the setup and activate 2FA on your account.

After activation, TorZon Market will display a set of one-time backup recovery codes. These codes are your emergency access method if you lose your 2FA device. Write each code on paper carefully — do not store them on your computer or phone. Store the paper in a physically secure location, ideally separate from your main workspace. Each backup code can only be used once. Consider making a second copy stored in a different physical location for redundancy.