How to Set Up Two-Factor Authentication (2FA) on Your Holidu Account

To keep your account and data secure, Holidu uses Two-Factor Authentication (2FA) for all hosts that do not use social logins (where 2FA is also offered, for example by Gmail). This extra layer of security protects your account even if someone else knows your password. 2FA is mandatory for all hosts with published properties.

What is 2FA?

Two-Factor Authentication requires two things to log in:

1. First factor: Your email and password
2. Second factor: A one-time verification code, sent via one of the following methods:
   • SMS (recommended)
   • Authenticator app (e.g., Google Authenticator, Authy)
   • Email (no longer supported for new hosts)

You can set up multiple methods for backup access. However, you can only use one instance of each method—for example, only one phone number, one email address, and one authenticator app can be registered at a time.

Where to Set Up 2FA

1. Log in to your Holidu Host Account. You may be prompted to set up 2FA immediately after login. If not, continue to step 2.
2. Go to: Holidu Logo > Security
3. Click Configure next to the authentication method(s) you want to activate.

Choose Your 2FA Method

Method 1: SMS (Mobile Phone) — Recommended

SMS is the quickest and easiest way to verify your identity. You'll receive a one-time code via text message each time you log in.

1. Select SMS from the list.

1. Enter the phone number you want to use and click Get SMS Code.

1. Enter the 6-digit code you receive and click Verify.

1. You'll see a confirmation message once the setup is complete. Congratulations, your account and your data are now secured!

Method 2: Email (No Longer Available for New Hosts)

Email authentication sends a verification code to your registered Holidu email address. This method is no longer available for newly created accounts, but existing hosts may still use it.

1. Choose Email authentication from the list of methods.

1. The system will send a verification code to your registered Holidu email address.
2. Check your inbox, enter the code, and click Submit code.

1. You'll see a confirmation message once the setup is complete. Congratulations, your account and your data are now secured!

Method 3: Authenticator App

An authenticator app is a small program you install on your smartphone or tablet. It generates a new 6-digit security code every 30 seconds that only you can see. Unlike text messages or emails, the app works even without internet or mobile signal, because the codes are created directly on your device.

1. Download an app like Google Authenticator (Android | Apple) or Authy (Android | Apple).
2. Select Authenticator App from the list.

1. Scan the QR code displayed on your screen (or use a manual code if scanning doesn't work).

1. Enter the 6-digit code generated by the app, give the device a name (e.g., "My mobile phone"), and click Submit.
2. You'll see a confirmation message once setup is complete. Congratulations, your account and your data are now secured!
3. Authenticator apps generate codes locally, so they work without internet or mobile signal.

After Setup

From now on, logging in requires:

1. Entering your password
2. Entering the 6-digit code from your chosen 2FA method

You can manage your 2FA settings at any time via the Security section in your Holidu account.

Tips for Success

• We recommend starting with SMS, as it's the fastest and easiest method.
• Enable at least two different methods in case you lose access to one.
• Remember: Only one instance of each method can be used (one email, one phone, one authenticator app).
• Store your backup codes in a secure location for emergency access.
• Update your phone number or email if you change devices.

Frequently Asked Questions (FAQ)

Why do I need to set up 2FA?

Two-Factor Authentication adds an essential security layer to your Holidu account. Even if someone obtains your password through a data breach or phishing attempt, they still cannot access your account without the second verification factor. This protects your property listings, booking information, and financial data.

I do not see an option to set up 2FA in my account. Why?

Two-Factor Authentication is only available if you use a combination of email and password to log in. If you are using a login method like Facebook or Google, you are already secure, since they also offer Two-Factor Authentication on their platforms. These social login providers manage 2FA directly, so Holidu does not require an additional setup.

What if I lose access to my phone or email?

You can use a backup method to regain access to your account. We recommend setting up a secondary verification method (such as both SMS and an authenticator app) to avoid being locked out. If you've lost access to all methods, contact Holidu support immediately, and our team will help you recover your account.

Can I skip setting up 2FA?

Only temporarily. Two-Factor Authentication becomes mandatory once you publish your first property on Holidu. This requirement ensures that all active listings are protected with the highest level of security.

How long does setup take?

Setting up 2FA takes less than a minute in most cases. SMS setup is typically the fastest, requiring only a few clicks and a brief wait for the verification code.

Can I use more than one method?

Yes! You can activate more than one method for backup. For example, you can set up both SMS and an authenticator app. This way, if you lose access to one method, you can still log in using the other. However, you can only register one phone number, one email address, and one authenticator app at a time.

What if I don't receive the code?

If you're not receiving codes, try the following:

• For SMS codes: Check your signal strength, ensure your phone plan includes SMS, and verify that you entered the correct number.
• For email codes: Check your spam or junk folder, as verification emails sometimes get filtered there.
• For authenticator app codes: Ensure your device's time is synchronized correctly, as the app relies on accurate time to generate codes.

If you've tried these steps and still haven't received your code, contact Holidu support for assistance.

Do collaborators need to activate 2FA too?

Yes. If collaborators have access to published properties, they are required to set up Two-Factor Authentication on their own accounts. This ensures that all users with access to your property data are protected with the same security standards.

Can I change my 2FA method later?

Yes, you can change your 2FA method at any time. Go to Security in your account settings to update, add, or remove authentication methods. You can deactivate an old method and set up a new one whenever you need to.

Is my backup authenticator app data safe if I lose my phone?

Most modern authenticator apps (like Google Authenticator with backup enabled or Authy) offer cloud backup features. If you lose your phone, you can restore your codes on a new device using your backup. However, if you haven't enabled backup and lose your phone without setting up a secondary 2FA method, you may be locked out of your account. This is why we recommend setting up multiple 2FA methods.

What happens if I change my phone number?

If you change your phone number and have SMS 2FA enabled, you must update your phone number in the Security section before your old number is deactivated. If you lose access to your old number before updating, switch to your backup 2FA method (if available) and then update your phone number. Contact Holidu support if you need assistance.