This guide explains how Cloaked protects your account and how you can add additional layers of security using two-factor authentication (2FA) and your recovery key.
Cloaked is built with end-to-end encryption and a zero-knowledge architecture, which means only you can access your data. Because of this, it is important to enable the security features available to you and store your recovery key safely.
What is two-factor authentication (2FA)?
Two-factor authentication adds an extra verification step when signing in.
With 2FA enabled, anyone accessing your account must:
Enter your Cloaked password, and
Verify a one-time code sent to your email address or phone number
This means that even if someone learns your password, they cannot access your account without access to your email or phone.
We strongly recommend enabling 2FA if you store passwords, manage Cloaked identities, or access your account from multiple devices.
As a quick note, if you log in via text OTP to your phone number, this option isn’t available.
How to set up 2FA from the Cloaked dashboard
Log in to your Cloaked dashboard
Select your Profile icon → Settings
Choose Set up two-factor authentication
Enter your Cloaked password to confirm the change
Select Verify via email
Choose an existing verified email, or select Use a different email address
Enter the email address and select Continue
Enter the 6-digit verification code sent to that email
Select Verify code
Once verified, the email address will appear under your 2FA settings.
These same steps can be followed to set up SMS-based 2FA instead of email, if preferred.
How to set up 2FA from the Cloaked mobile app
Open the Cloaked app
Tap Settings → Account Security
Select Two-factor authentication → Set up two-factor authentication
Enter your Cloaked password and tap Continue
Select Verify via email
Choose a verified email or tap Use a different email address
Add the email address and tap Save
Enter the 6-digit code sent to that email
Tap Verify
Once complete, the email address will be available for 2FA verification.
Save Your Recovery Key
Your recovery key is a backup method for accessing your Cloaked account if you ever forget your password.
Because Cloaked uses end-to-end encryption, only you can unlock your account data. Cloaked cannot reset your password or access your encrypted information without your credentials.
If you lose your password, the recovery key allows you to reset it and regain access to your account without losing your stored identities, passwords, and other data.
For this reason, we strongly recommend downloading and saving your recovery key in a secure location.
Your Recovery Key should look similar to this example above.
How to save your recovery key
From the Cloaked dashboard
Select your Profile icon
Open Settings
Select Account Security
Choose Save Recovery Key
From the Cloaked mobile app
Open the Cloaked app
Tap Settings
Tap Account Security
Select Save Recovery Key
Your recovery key will download so you can store it safely.
Best practices for storing your recovery key
Your recovery key should be stored somewhere secure and accessible only to you. For example:
• A trusted password manager
• A secure file stored on your computer
• A printed copy stored in a safe or lockbox
Do not share your recovery key with anyone. Cloaked support will never ask for it.
Saving your recovery key ensures you can regain access to your account if you ever lose your password.