If you enabled two-factor authentication, every time you log in we will ask for the 6-digit code from your authenticator app. For devices you use every day —your work computer, your personal phone— that can become repetitive. That is why Modari lets you mark a device as trusted and skip 2FA on it for 30 days.

How to mark a device as trusted

  1. Log in normally

    Enter your email and password. Modari takes you to the 6-digit code screen.

  2. Check the trust box

    Right below the field where you type the code, you will see a box that says "Trust this device for 30 days". Check it before tapping "Verify".

  3. Verify and enter

    Type the code from your app and tap "Verify". You enter your account and, in addition, this device is marked as trusted for the next 30 days. Every time you log in again from this same browser, we will not ask for the 2FA code as long as the month has not passed.

How trust gets renewed

Trust lasts 30 days counted from the last login where it was marked or renewed. Each time you enter from a trusted device, that counter resets. In practice, if you use Modari at least once a month in the same browser, the trust never expires.

If more than 30 days pass without you entering, this happens:

  1. The next time you go to log in, we will ask for the 2FA code.
  2. You can check the trust box again to extend it another 30 days.

Revoke all trusted devices

If you lose a computer, your phone is stolen, or you suspect someone has access to a device where you checked the trust box, you should revoke trust immediately. This invalidates all trusted devices at the same time —there is no way to revoke just one.

  1. Go to Settings → Security

    Log in to Modari and open the security settings from the side menu.

  2. Tap 'Revoke trusted devices'

    In the two-factor section you will see this option. Tap it. Modari will ask you to confirm the action.

  3. Confirm

    Once confirmed, all devices you had marked as trusted lose that status. The next time any of them logs in, we will ask for the 2FA code, no exceptions.

How it compares to a normal session

Do not confuse trusted device with active session. They are different things:

  • The active session is what keeps you logged into a tab without having to retype your password. If you log out or it expires (several hours or days, depending on the browser), you must enter email and password again.
  • The device trust is what saves you the 2FA code when logging in. Trust lives in a separate cookie and lasts 30 days.

In other words: the session saves you typing the password; the trust saves you typing the 2FA code.

Limitations for now

At this stage of Modari, trusted devices have two limitations that we will solve later:

  • There is no visible list of devices marked as trusted. You can only revoke all of them at once.
  • We do not notify you by email when a new device is marked as trusted. We are working on this.

Because of these two limitations, we recommend being conservative with the trust box: use it only when you are totally sure of the device, and do periodic revocations as part of your security maintenance.

What's next

If you have not changed your initial password yet or want to know how to recover it if you forget, continue with change your password.