TOTP or FIDO for 2FA on Hosted?

I see people referring to TOTP for self-hosted instances, however, I see only text message/phone number when trying to enable 2FA in Hosted. Is there a way to enable 2FA using either TOTP or FIDO on the [Pro] hosted version?

Question changes a bit:
I don’t want my phone number on my account and so I was avoiding entering it but to test if TOTP was actually available, I entered my phone number and then 2FA was set up as TOTP. Once TOTP was set up, I tried deleting my phone number but then it threatened to turn off TOTP. Curious - why is my phone number required for TOTP?


We’ve found it’s common for people to have trouble logging in with TOTP (ie. lost/replaced their phone) so we use the phone number to send an SMS as a backup option.

Ah - makes sense. I guess I would require it too based upon that experience.

I’m a former developer and IT manager, spending almost 30 years in corporate america, not that it makes any difference except that I’ve witnessed a LOT of poor system design, poor testing, missing functionality, etc, etc. I’ve only spent a couple days playing around with InvoiceNinja but it’s very clear this system is extremely well-designed, tested and polished. With the functionality InvoiceNinja has, it’s like-for-like design beats what I’ve seen from enterprise vendors like SAP or Oracle. Kudos.

1 Like

Thanks, that’s great to hear!