What you’ll need:
Access to your registered email address
Kommo desktop version (two-step verification can only be enabled or disabled on desktop)
Admins only: You must enable two-step verification on your own profile before enforcing it for all users
Keep in mind:
Every login requires your password and a 6-digit email code
If you lose access to your email, you’ll need backup codes to log in
Backup codes are shown once only — if lost, you must disable and re-enable two-step verification to generate new ones
Two-step verification protects your account with an email-based verification step. Even if someone knows your password, they won’t be able to log in without access to your email.
Enable two-step verification
Use this option to secure your own account.
Go to Settings → Profile settings.
Scroll to the Security section and turn on Two-step verification.
Click Send code. Enter the 6-digit code sent to your email and click Confirm.
Save your backup codes
After activation:
Copy the backup codes and store them somewhere safe
Each code can be used once
These codes are your only way to log in if you lose email access
Note: You’ll only see backup codes during setup. If you lose them, you’ll need to disable and re-enable two-step verification.
Once setup is complete:
Two-step verification appears as Active in your profile
You’ll receive a confirmation email
You’ll be logged out of all devices except the current one
From now on, every login — including social login and mobile — requires a two-step verification code.
Note: After enabling two-step verification, you’ll need to enter your current password to make any changes to it. Admins can also view which users have two-step verification enabled in the Users management.
Disable two-step verification
Turn off two-step verification if you no longer want the extra verification step.
Go to Settings → Profile settings.
Scroll to Security and turn off Two-step verification.
Click Send code, enter the email code, and click Confirm.
After disabling:
You’ll receive a confirmation email
Existing backup codes become invalid
Logins will no longer require two-step verification
Require two-step verification for all users (Admins only)
Use mandatory two-step verification to enforce stronger security across your workspace.
Go to Settings → Workspace settings. Scroll to Mandatory two-step verification.
Turn on the Mandatory two-step verification toggle.
Complete the following steps:
Choose a compliance period (1–10 days).
Enter the verification code sent to your email.
Once enabled:
Users see a notice that two-step verification is required
After the deadline, users must enable two-step verification at their next login
Turn off mandatory two-step verification (Admins only)
Remove the requirement for users to enable two-step verification.
Go to Settings → Workspace settings. Scroll to Mandatory two-step verification.
Turn of the Mandatory two-step verification toggle.
Enter the verification code sent to your email.
After disabling, users without two-step verification can log in normally.