CPR.co
For Admins

Enable two-factor authentication (2FA)

Protect your admin account with a 6-digit code from your phone. Takes about 2 minutes to set up.

Two-factor authentication (2FA) adds a second layer of security on top of your password. Once it is enabled, signing in to your admin account requires both your password AND a 6-digit code from an authenticator app on your phone. If someone steals your password, they still cannot get in without your phone.

ℹ️
Note: We strongly recommend turning on 2FA if you are a tenant admin, system admin, or any staff member with access to student records or billing.

What you will need

Before you start

  • Your phone with an authenticator app installed. Any of these work: Google Authenticator, 1Password, Authy, Microsoft Authenticator, or Bitwarden.
  • About 2 minutes.
  • A safe place to save 10 recovery codes (a password manager, a locked file, or a printed sheet in a secure location).

Step-by-step setup

How to turn on 2FA
  1. 1Sign in to your admin account.
  2. 2Open your Profile page at https://cpr.co/admin/profile.
  3. 3Scroll down to the Two-factor authentication card and click Manage 2FA (or go directly to https://cpr.co/admin/my-profile/security).
  4. 4Click the Enable two-factor authentication button.
  5. 5A QR code appears on the screen. Open your authenticator app on your phone and tap the + (add) button.
  6. 6Point your phone camera at the QR code to scan it. Your app will add a new entry for CPR.co.
  7. 7Your authenticator app will start showing a 6-digit code that changes every 30 seconds.
  8. 8Type the current 6-digit code into the Verify field on the CPR.co page.
  9. 9Click Verify. If the code is correct, 2FA is now turned on.
  10. 10The page will now display 10 recovery codes in XXXX-XXXX format. SAVE THESE. See the next section.

Save your recovery codes

⚠️
Important: Your 10 recovery codes are shown exactly once. If you lose your phone or uninstall your authenticator app without saving these codes, you will need help from support to get back into your account.
Two ways to save them
  1. 1Click the Copy button to copy all 10 codes to your clipboard, then paste them into your password manager (1Password, Bitwarden, etc.).
  2. 2OR click the Download button to save them as a plain text file (.txt). Store the file in a secure location — a locked folder on your computer, an encrypted USB drive, or a printed copy in a safe.

Each recovery code can be used only once. After you use one, only 9 will remain. When you are down to 2 codes, the security page will show a warning and you can regenerate a new set of 10 at any time.

Signing in after 2FA is turned on

From now on, every time you sign in you will be asked for a 6-digit code right after your password. Just open your authenticator app, find the CPR.co entry, and type in whatever 6-digit code is currently displayed. That is it.

Turning 2FA off

If you need to turn 2FA off, go back to Admin → My Profile → Security and click the Disable two-factor authentication button. Your authenticator app entry for CPR.co can be deleted from your phone after that.

💡
Tip: If you get a new phone, set up 2FA on your new phone before you retire the old one. If that is not possible, use a recovery code on the /login/mfa page to get back in — see the "Lost your authenticator app?" article.

Questions? Email support@cpr.co or ask your system admin.

Was this article helpful?

Still need help?

We're here for you — call or email us any time during business hours.

Mon–Fri 8am–5pm Central Time

Related articles

Getting started with your admin dashboard
Understand your dashboard at a glance — today's stats, action items, and quick access to everything.
A full tour of your admin dashboard
KPIs, greeting, Today's Classes, Action Items, Revenue & Pipeline, Recent Activity, and Quick Actions — all explained.
Finding any setting fast
The settings sidebar, category grid, search bar, and Recent Changes panel — how to get to any of the 29 settings categories without clicking around.
Back to For Admins
💬Chat with us