Protect Your Account in Minutes
Two-factor authentication (2FA) adds a second verification step every time you log in to QuickEstimate. Even if someone obtains your password, they cannot access your account without also passing the second factor—making unauthorised access dramatically harder.
Setting up 2FA takes less than five minutes and is one of the most effective security measures available. We strongly recommend enabling it on every QuickEstimate account that contains client data or financial records.
How to Enable 2FA on Your Account
Work through these steps to activate two-factor authentication. You'll choose your preferred verification method and then confirm it's working before it goes live.
Open Security Settings
All account security controls are managed from a single location in your QuickEstimate settings—no hunting through menus required.
- Click your profile avatar or account name in the top navigation bar
- Select Account Settings from the dropdown menu
- Navigate to the Security tab in the left sidebar
- Locate the Two-Factor Authentication section near the top of the page
- You'll see your current 2FA status — it will show Not enabled if this is your first time
Choose Your Verification Method
QuickEstimate supports two 2FA methods. Choose the one that best fits how you work — you can switch between them at any time from Security Settings.
Generates a 6-digit code on your phone every 30 seconds. Works offline, faster, and more secure than SMS.
Receive a one-time code by text message each time you log in. Easy to set up — requires a mobile number.
Set Up Your Authenticator App
If you chose the authenticator app method, follow these steps to link your app to your QuickEstimate account using a QR code.
- Click Set Up Authenticator App on the Security Settings page
- Open your chosen authenticator app on your phone
- Tap Add Account or the + button inside the app
- Select Scan QR Code and point your camera at the QR code shown on screen
- Your app will instantly add QuickEstimate and begin generating 6-digit codes
- Enter the current 6-digit code into the confirmation field on QuickEstimate
- Click Verify and Enable to activate 2FA on your account
Set Up SMS Verification (Alternative)
If you chose SMS as your verification method, QuickEstimate will send a one-time code to your mobile number each time you log in.
- Click Set Up SMS Verification on the Security Settings page
- Enter your mobile number including country code (e.g. +61 for Australia)
- Click Send Verification Code — a 6-digit code will arrive by text within 60 seconds
- Enter the code in the confirmation field on screen
- Click Verify and Enable to activate SMS 2FA on your account
SMS codes expire after 10 minutes. If you don't receive a message within 60 seconds, click Resend Code — check that your number was entered correctly including the country code.
Save Your Backup Codes
After enabling 2FA, QuickEstimate generates a set of one-time backup codes. These are your emergency access method if you ever lose your phone or can't receive your normal verification code.
- After verifying your first code, you'll be shown 8 backup codes
- Click Download Codes to save them as a text file on your device
- Alternatively, click Copy All and paste them into a secure password manager
- Store them somewhere safe — a password manager, encrypted notes app, or printed in a secure location
- Each backup code can only be used once — after use it's automatically invalidated
- You can regenerate a fresh set of backup codes at any time from Security Settings
Test Your Login
Before relying on 2FA day-to-day, confirm that the full login flow works correctly from start to finish.
- Log out of your QuickEstimate account completely
- Return to the login page and enter your email address and password as normal
- You'll now be prompted to enter your 2FA code — open your authenticator app or check your SMS
- Enter the 6-digit code and click Verify
- You should be logged in successfully — 2FA is now active and working
2FA is now protecting your account. Every login from an unrecognised device will require your verification code going forward.
What 2FA Protects on Your QuickEstimate Account
Once enabled, 2FA secures access to all sensitive areas of your account on any unrecognised device:
- Your full estimate and proposal history — including pricing and client details
- Client contact information and communication records
- Business settings, branding, and terms & conditions
- Billing information and subscription management
- Team member accounts and permission controls
- Exported data and downloaded reports
Even if your password is compromised in a data breach, 2FA ensures your account remains inaccessible without the second verification step.
Tips for Staying Secure
Two-factor authentication is your strongest defence — these additional habits keep your account and client data fully protected.
Use a Strong, Unique Password
2FA works best alongside a strong password. Use at least 12 characters with a mix of letters, numbers, and symbols — and never reuse it across other sites.
Store Backup Codes Securely
Save your backup codes in a password manager like 1Password or Bitwarden — not in a plain text file, email draft, or note that isn't encrypted.
Keep Your Auth App Backed Up
If you use Google Authenticator, enable cloud backup in the app settings. Authy and 1Password back up automatically — so a new phone doesn't lock you out.
Review Trusted Devices Regularly
Periodically visit Security Settings and revoke trusted device status from old phones, laptops, or devices you no longer use or own.
Enable 2FA for All Team Members
On Business plans, admins can require 2FA across all team accounts. One unsecured team login is all it takes to expose your entire account.
Regenerate Backup Codes After Use
If you ever use a backup code to access your account, generate a fresh full set immediately from Security Settings so you're never left without a fallback.
Frequently Asked Questions
Use one of your saved backup codes to log in — each code is a one-time emergency bypass that lets you access your account without your authenticator. Once logged in, immediately go to Security Settings to reconfigure 2FA on your new device. If you have no backup codes, contact QuickEstimate support with account verification details to regain access.
Yes. Go to Account Settings → Security → Two-Factor Authentication and click Change Method. You'll be walked through the setup for the new method and your old method will be deactivated once the new one is confirmed. You don't need to disable 2FA first.
Only on unrecognised devices. When logging in from a trusted device, you can tick Trust this device for 30 days to skip the 2FA step on that device for the next 30 days. Logging in from a new browser, device, or incognito window will always trigger the 2FA prompt for your security.
2FA is optional for individual accounts but strongly recommended. On Business plans, account administrators can enforce mandatory 2FA for all team members from the Team Settings page — any member without 2FA configured will be prompted to set it up on their next login.
First, check that the mobile number saved in Security Settings is correct and includes the right country code. SMS delivery can occasionally be delayed by up to 60 seconds — wait before requesting a resend. If codes consistently fail to arrive, consider switching to an authenticator app which is more reliable and doesn't depend on mobile network coverage.
Go to Account Settings → Security → Two-Factor Authentication and click Disable 2FA. You'll be asked to confirm with your current password and one final 2FA code to prevent unauthorised deactivation. Note: if 2FA is enforced by your account administrator, you will not be able to disable it individually.
Account Secured — What's Next?
Your account is now protected with two-factor authentication. Explore more ways to keep your data safe.