Secure your Postman account with two-factor authentication

Today, we’re introducing two-factor authentication (2FA) for all Postman users, enabling you to add an extra layer of security to your Postman account and data. We strongly recommend leveraging 2FA because it reduces the potential risk of an attacker compromising your account.

How 2FA works

After password verification, you’ll be asked to provide a time-based one-time password (TOTP) generated by an authenticator app. Also, recovery codes can help you access your account if you lose your device. However, you can only use each of these codes once.

How to enable 2FA for Postman

To enable 2FA, log in to your Postman account and visit the Account Settings page; follow the instructions on the screen to activate 2FA.

You must use an authenticator app that supports TOTP. We recommend using cloud-based TOTP apps like Authy, Microsoft Authenticator, LastPass Authenticator, or 1Password. Please ensure that you keep recovery codes in a secure place. You can find more details about setting up 2FA on our Learning Center.

Note: 2FA is only available for password-based authentication methods—it is not available for Google and SSO-based logins. You can enable two-factor or multi-factor authentication with your identity provider.

Watch and learn

Try Postman now

What do you think about this feature? Tell us in a comment below. You can also give product feedback through our Community forum and GitHub repository.


Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.