Login problem. Always requires token even with 2FA disabled

I am a paid cloudflare user. I always have blocked login attempt when signing in to my cloudfalre account even from my home computer. Every time I log in I need to enter securiy key that is sent to my email even though I have disabled 2FA. This becomes a bigger problem when my developer has to work on my website.

Can you white list the IP addresses or remove this extra security.

My other cloudflare accounts do not face this problem, only since I disabled 2FA is it like this (more than 2 years now)

Can you check and make sure the time on your phone is correct and that you chose the right mode, which should be time-based IIRC?

Go to “Settings” in your Google Authenticator, tab “Time correction for codes” and tab “Sync now”.

Have you checked from the steps within this article?:

If you still can’t get in, you will need to follow the steps in the linked post and contact Cloudflare support:

Hi @aleembourgeois,

This isn’t classed as 2FA at Cloudflare in the same way as using an authenticator app or hardware token is. You will receive this email if you are signing in from an IP address that is not recognised, which can be every time if you have a dynamic IP.

This is why Cloudflare allows you to add users to give them permission to access your account from their own, so you don’t need to share credentials and security codes.

2FA is considered a higher level of security than these email tokens and so if you have that enabled, you won’t get the emails as well.

1 Like

So there is no way to whitelist my IPs? Do you suggest I add 2FA and then create a new login for the developer and get their info to add their own 2FA as well? It is a little inconvenient as it is different people like freelancers working on my sites. My other cloudflare accounts do not have this added IP flagging issues. I wish I can just get my account whitelisted.