How to Set Up Two-Factor Authentication (2FA) on Your Holidu Account

To keep your account and data secure, Holidu uses Two-Factor Authentication (2FA) for all hosts that do not use social logins (where 2FA is also offered, for example by Gmail). This extra layer of security protects your account even if someone else knows your password. 2FA is mandatory for all hosts with published properties.

What is 2FA?

Two-Factor Authentication requires two things to log in:

  1. First factor: Your email and password
  2. Second factor: A one-time verification code, sent via one of the following methods:
    • SMS (recommended)
    • Authenticator app (e.g., Google Authenticator, Authy)
    • Email (no longer supported for new hosts)

You can set up multiple methods for backup access. However, you can only use one instance of each method—for example, only one phone number, one email address, and one authenticator app can be registered at a time.

Where to Set Up 2FA

  1. Log in to your Holidu Host Account. You may be prompted to set up 2FA immediately after login. If not, continue to step 2.
  2. Go to: Holidu Logo > Security
  3. Click Configure next to the authentication method(s) you want to activate.
Screenshot of the Security settings page on Holidu showing the authentication methods configuration options.

Choose Your 2FA Method

Method 1: SMS (Mobile Phone) — Recommended

SMS is the fastest and easiest method to set up. You'll receive a one-time code via text message each time you log in.

  1. Select SMS from the list.
Screenshot showing the SMS authentication method selection on Holidu.
  1. Enter the phone number you want to use and click Get SMS Code.
Screenshot of the phone number input field and Get SMS Code button on Holidu.
  1. Enter the 6-digit code you receive and click Verify.
Screenshot of the SMS code verification field on Holidu.
  1. You'll see a confirmation message once the setup is complete. Congratulations, your account and your data are now secured!

Method 2: Email (No Longer Available for New Hosts)

Email authentication is no longer available for new hosts. If you set it up previously, you can still use it, but we recommend switching to SMS or an authenticator app.

  1. Choose Email authentication from the list of methods.
Screenshot showing the Email authentication method option on Holidu.
  1. The system will send a verification code to your registered Holidu email address.
  2. Check your inbox, enter the code, and click Submit code.
Screenshot of the email code submission field on Holidu.
  1. You'll see a confirmation message once the setup is complete. Congratulations, your account and your data are now secured!

Method 3: Authenticator App

An authenticator app is a small program you install on your smartphone or tablet. It generates a new 6-digit security code every 30 seconds that only you can see. Unlike text messages or emails, the app works even without internet or mobile signal, because the codes are created directly on your device.

  1. Download an app like Google Authenticator (Android | Apple) or Authy (Android | Apple).
  2. Select Authenticator App from the list.
Screenshot showing the Authenticator App selection option on Holidu.
  1. Scan the QR code displayed on your screen (or use a manual code if scanning doesn't work).
Screenshot of the QR code for authenticator app setup on Holidu.
  1. Enter the 6-digit code generated by the app, give the device a name (e.g., "My mobile phone"), and click Submit.
  2. You'll see a confirmation message once setup is complete. Congratulations, your account and your data are now secured!
  3. Authenticator apps generate codes locally, so they work without internet or mobile signal.

After Setup

From now on, logging in requires:

  1. Entering your password
  2. Entering the 6-digit code from your chosen 2FA method

You can manage your 2FA settings at any time via the Security section in your Holidu account.

Tips for Success

  • We recommend starting with SMS, as it's the fastest and easiest method.
  • Enable at least two different methods in case you lose access to one.
  • Remember: Only one instance of each method can be used (one email, one phone, one authenticator app).
  • Save your backup codes in a secure location if provided by the authenticator app.
  • Keep your phone number and email address up to date in your account settings.
  • If using an authenticator app, ensure your device's time is synchronized correctly.

Frequently Asked Questions (FAQ)

Why do I need to set up 2FA?

To protect your account from unauthorized access, especially if your password is ever compromised. 2FA is mandatory for all hosts with published properties and provides an essential security layer for your account and guest information.

I do not see an option to set up 2FA in my account.

Two-Factor Authentication is only available if you use a combination of email and password to log in. If you are using a login method like Facebook or Google, you are already secure, since they also offer Two-Factor Authentication through their own systems.

What if I lose access to my phone or email?

You can use a backup method or contact Holidu support to recover access. We recommend setting up a secondary verification method to avoid incidents. Keep at least two different 2FA methods active when possible.

Can I skip setting up 2FA?

Only temporarily. It becomes mandatory once you publish a property on your Holidu account.

How long does setup take?

Less than a minute in most cases. SMS setup is typically the quickest method.

Can I use more than one method?

Yes! You can activate more than one method for backup. However, only one instance of each method can be registered at a time.

What if I don't receive the code?

Check spam folders (email), signal strength (SMS), or time sync on your device (authenticator app). Still no luck? Contact Holidu support for assistance.

Do collaborators need to activate 2FA too?

Yes, if they have access to published properties. All account users with access to active listings must set up their own 2FA.

Can I change my 2FA method later?

Yes, go to Security in your account settings to update or remove methods at any time.

What are backup codes?

Some authenticator apps provide backup codes that can be used if you lose access to your primary 2FA method. Store these codes securely, separate from your phone or email.

How does logging in work with 2FA?

After entering your email and password, you'll be prompted to enter a 6-digit code from your chosen 2FA method. This code changes every 30 seconds (for authenticator apps) or is sent to you (for SMS or email).

Is 2FA required if I use social login (Google, Facebook)?

No, social login providers like Google and Facebook have their own built-in 2FA systems. Your account is already protected by their security measures.

Did this article answer your question?

Do you want to contact us?

We’re here to help. You can contact us directly if you need assistance or have questions.

Contact us