Two-Step Authentication • Marsha Docs

Two-step authentication locks sensitive roles behind additional verification to protect your server against compromised accounts.

Responsibility

The configuration and management of two-step authentication are the responsibility of the server and not Marsha or Meltdown Technologies.

Access: Dashboard → Systems → Two-Step Authentication

What is Two-Step Authentication?

Members must pass additional verification before receiving or using certain sensitive roles.

Use cases:

Protect moderation roles, secure roles with access to private channels, verify identity for VIP roles, and prevent compromised accounts from abusing permissions.

Configuration

Step 1: Enable the System

Go to Dashboard → Systems → Two-Step Authentication and enable the system.

Step 2: Select Protected Roles

Choose Discord roles that require verification.

Examples:

@Moderator, @Admin, @Staff, @Verified VIP, @Private Access.

Step 3: Choose Verification Method

Email verification:

Member must verify their email address and enter a code.

Phone verification:

Member must verify their phone number via SMS.

Discord 2FA verification:

Member must have 2FA enabled on their Discord account.

How It Works

For new roles:

When a member receives a protected role, Marsha sends them a private message with verification instructions. The member completes verification and the role is activated. If they don't verify within the time limit, the role is removed.

For existing roles:

When you enable 2FA, all members who already have the protected role must verify within X days or lose the role.

Settings

Verification timeout:

How long members have to complete verification (recommended: 24-48 hours).

Automatic retry:

Number of times the verification message can be resent (recommended: 3 attempts).

Grace period:

Time granted to existing members to verify before losing the role (recommended: 7 days).

Bypass for old accounts:

Exempt Discord accounts created more than X months ago (recommended: 6 months or more).

Exceptions

By roles:

Exempt certain roles from verification (e.g., Server Owner, Bots).

By specific members:

Create exceptions for individual members if necessary.

Next Steps

Settings: Configure role groups
Logs: Record verifications

Enhanced security

2FA adds an important security layer for sensitive roles. Enable it for all roles with elevated permissions.