Account security and two-factor authentication
How to set up 2FA on your WingNode account, recover access and follow best practices for keeping your server safe.
Your WingNode account controls billing, game servers and VPS instances. Enabling two-factor authentication (2FA) should be the first thing you do after signing up.
Enable 2FA
- Log in to the client area and open Account → Security.
- Click
Enable two-factor authentication. - Scan the QR code with Google Authenticator, Authy, 1Password or Bitwarden.
- Enter the six-digit code to confirm and save the recovery codes somewhere offline.
Best practices
- Use a unique password at least 16 characters long — a password manager is best.
- Never share panel credentials in Discord DMs or screenshots. WingNode staff will never ask for them.
- Create a separate panel sub-user for helpers instead of sharing your main account.
- Rotate SFTP passwords every 90 days, especially if you run a team with turnover.
Lost access?
If you lose your 2FA device and recovery codes, open a support ticket from an email on file. We verify identity through billing history (last four digits of payment card, last invoice number) before resetting 2FA.