Fork me on GitHub

This page in other versions: Latest (8.9) | 8.8 | 8.7 | 7.8 | 6.21 | Development

This document in other formats: PDF | ePub | Tarball


Enabling two-factor authentication (2FA)

About two-factor authentication

Two-factor authentication (2FA) is an extra layer of security used when logging into websites or apps. With 2FA, you have to log in with your username and password and provide another form of authentication that only you know or have access to.

Setup two-factor authentication

To set up 2FA for pgAdmin 4, you must configure the Two-factor Authentication settings in or (see the documentation) on the system where pgAdmin is installed in Server mode. You can copy these settings from file and modify the values for the following parameters.




The default value for this parameter is True. To disable 2FA, set the value to False


Set the authentication methods to be supported


<APP_NAME> - Verification Code e.g. pgAdmin 4 - Verification Code


Force the user to configure the authentication method on login (if no authentication is already configured).

NOTE: You must set the ‘Mail server settings’ in or in order to use ‘email’ as two-factor authentication method (see the documentation).

Configure two-factor authentication

To configure 2FA for a user, you must click on ‘Two-factor Authentication’ in the User menu in right-top corner. It will list down all the supported multi factor authentication methods. Click on ‘Setup’ of one of those methods and follow the steps for each authentication method. You will see the Delete button for the authentication method, which is already been configured. Clicking on Delete button will deregister the authentication method for the current user.

Configure two-factor authentication

You can also force users to configure the two-factor authentication methods on login by setting MFA_FORCE_REGISTRATION parameter to True.