What Two-Factor Authentication Does
Two-factor authentication requires two separate pieces of information to log in: something you know (your password) and something you have (a code from your phone). Even if someone learns your password through phishing, a data breach, or a weak password choice, they cannot log in without access to your phone and the authenticator app.
Our 2FA system uses authenticator apps rather than SMS codes for the second factor. Authenticator apps are more secure than SMS because the codes are generated locally on your phone and never transmitted over networks where they could be intercepted. Your authenticator app generates a new code every 30 seconds, and old codes expire and become unusable — so even if someone sees a code on your screen, they cannot reuse it.
98tot 2FA is optional. You can use our platform without enabling it, relying instead on your password and our standard mobile verification (SMS codes sent during signup and withdrawal). However, we recommend 2FA for players who maintain larger account balances, make frequent withdrawals, or want maximum account protection.
Setting Up 2FA on Your 98tot Account
To enable 2FA, navigate to your account settings on 98tot and select "Security" or "Two-Factor Authentication." The page will display a QR code unique to your account. Download and install an authenticator app on your phone — Google Authenticator, Microsoft Authenticator, Authy, and similar apps all work with our system. Open your authenticator app, tap "Add Account" or the "+" button, and scan our QR code using your phone's camera.
Your authenticator app will display your 98tot account name and begin generating new six-digit codes every 30 seconds. Return to the 98tot security settings page and enter the current code from your authenticator app into the confirmation field. Once you submit the code and it matches, 2FA is enabled on your account.
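How the six-digit, 30-second codes described above are computed and checked, as an added example that is not 98tot's own code. It assumes the standard TOTP scheme (RFC 6238, HMAC-SHA1) that Google Authenticator and similar apps use by default; the TotpVerifier class, its drift window and the sample secret are constructed for illustration. The verifier tracks the last accepted time step so that a code seen once cannot be replayed inside its validity window.

```python
import base64
import hashlib
import hmac
import struct

STEP = 30     # seconds each code is valid, as the page describes
DIGITS = 6    # six-digit codes, as the page describes

def totp(secret_b32: str, unix_time: int) -> str:
    """RFC 6238 TOTP using HMAC-SHA1 over the 30-second time-step counter."""
    key = base64.b32decode(secret_b32, casefold=True)
    counter = struct.pack(">Q", unix_time // STEP)
    digest = hmac.new(key, counter, hashlib.sha1).digest()
    offset = digest[-1] & 0x0F                      # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)

class TotpVerifier:
    """Hypothetical server-side check: tolerates clock drift, rejects reuse."""

    def __init__(self, secret_b32: str, drift_steps: int = 1):
        self.secret = secret_b32
        self.drift = drift_steps   # time steps accepted either side of "now"
        self.last_step = -1        # highest time step already accepted

    def verify(self, code: str, now: int) -> bool:
        current = now // STEP
        for step in range(current - self.drift, current + self.drift + 1):
            if step <= self.last_step:
                continue           # code for this step was already used: replay
            # Constant-time comparison avoids leaking how many digits matched.
            if hmac.compare_digest(totp(self.secret, step * STEP), code):
                self.last_step = step
                return True
        return False

# Constructed secret: base32 of the RFC 6238 test key "12345678901234567890".
SECRET = base64.b32encode(b"12345678901234567890").decode()

if __name__ == "__main__":
    v = TotpVerifier(SECRET)
    code = totp(SECRET, 59)
    print(code, v.verify(code, 59), v.verify(code, 59))
```

The second verify call with the same code returns False even though the 30-second window has not ended, which is the server-side behaviour that makes an observed code unusable.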
Backup Codes and Account Recovery
When you enable 2FA, 98tot generates and displays a set of backup codes — typically 5 to 10 single-use codes that you can save in a secure location (not on your phone or computer). Backup codes are one-time use only and serve as a recovery mechanism if you lose access to your authenticator app (for example, if your phone is stolen or lost).
We strongly recommend saving these backup codes in a secure password manager, a locked drawer, or another safe place separate from your phone. If you ever need to disable 2FA temporarily or regain access after losing your phone, contact our support team via your in-app help menu and provide one of your backup codes to verify your identity.
Key takeaways
- 2FA requires both your password and a code from your phone to log in
- Authenticator apps (Google Authenticator, Microsoft Authenticator, Authy) generate new codes every 30 seconds
- Save your backup codes in a secure location for emergency account recovery
- 2FA is optional but recommended for players with larger balances or frequent withdrawals
- Enabling 2FA does not affect deposits via QRIS, e-wallet, mobile banking, or other payment methods
Two-Factor Authentication and Account Access
Once you enable 2FA, you will be prompted for your authenticator code every time you log into 98tot from a new device or session. If you log in from the same device repeatedly (such as your home phone or laptop), 98tot may remember your device and skip the 2FA prompt on subsequent logins within the same session. However, if you log out and log back in, or if you access your account from a different device, you will need to provide your 2FA code again.
Our 2FA system also protects sensitive account actions. When you initiate a withdrawal, change your password, update your email address, or modify your account recovery settings, 98tot will request your 2FA code to confirm the action. This multi-factor approach ensures that even if someone gains temporary access to your account (for example, if you leave your computer unlocked), they cannot approve withdrawals or permanently lock you out by changing your password.
Two-Factor Authentication in the Broader Security Context
Our 98tot platform uses multiple security measures that work together. Mobile verification via SMS confirms your phone number during signup and requires a code before each withdrawal request. Two-factor authentication adds a second login-time barrier. Account recovery options (email confirmation, security questions, or backup codes) let you regain access if you forget your password. All these layers together create a comprehensive security posture.
During major football tournaments like Liga 1 playoffs, Piala Indonesia knockout rounds, or Piala AFF group stages, account activity peaks and the value of account security increases. Similarly, around Idul Fitri and Idul Adha holidays when deposits surge, we recommend ensuring your 2FA is active. Players in Jakarta, Surabaya, Bandung, and Medan who maintain active sportsbook accounts benefit especially from this extra protection.
Two-factor authentication transforms your account from a single point of failure (your password) into a two-barrier system. One barrier breaks; the other remains.
Losing Access to Your Authenticator App
If your phone is lost, stolen, or reset, and you have 2FA enabled on your 98tot account, you will be unable to generate new codes during login. Your authenticator app stores the secret key locally on your device — once the device is gone, the app cannot generate codes unless you restore from a backup (available on some phones like iPhones with iCloud backup, but not guaranteed on all devices).
This is precisely why backup codes exist. If you lose your phone, visit the 98tot login page and look for a "Recovery" or "Can't access your 2FA code?" link. Follow the recovery flow, provide one of your backup codes, and you will regain access to your account. Your backup code is consumed (becomes unusable), but you can disable 2FA temporarily, set up a new authenticator app on a replacement phone, and re-enable 2FA.
If you have lost both your phone and your backup codes, contact our support team via email or alternative channels. Our team can verify your identity using your registered phone number, email address, and account history, and assist you in recovering your account. Be prepared to answer security questions about your recent account activity (withdrawals, deposits, games played) to confirm your identity.
1. Enable 2FA in account settings (Setup): Navigate to Security settings and select the option to enable Two-Factor Authentication. Scan the QR code with your authenticator app.
2. Confirm setup with a code (Verification): Enter the six-digit code currently displayed in your authenticator app into the confirmation field on the 98tot page.
3. Save backup codes (Recovery): 98tot will display a set of backup codes. Copy or screenshot these codes and store them in a secure location separate from your phone.
4. Log in with 2FA active (Ongoing): On your next login, you will be prompted for your 2FA code from your authenticator app after entering your password.
5. Use backup codes if needed (Emergency): If you lose access to your authenticator app, use one of your saved backup codes during login recovery. Each backup code is single-use.
Two-Factor Authentication and Payment Methods
Enabling 2FA on your 98tot account does not change how you deposit or withdraw. Your supported payment methods (local payment, online payment, e-wallet, mobile banking, and bank transfers) continue to work as normal. When you initiate a withdrawal, our platform will request both your 2FA code (to verify you are the account holder) and your standard mobile verification code (SMS sent to your phone number). This double-verification process ensures that withdrawals are approved only by you.
The extra layer of 2FA does not delay payments. Once you provide both the 2FA code and the SMS verification code, your withdrawal request enters our processing queue immediately. Withdrawal processing times depend on your payment method and bank (not on 2FA), so e-wallet transfers typically complete within minutes, while bank transfers may take several hours depending on banking hours and the destination bank.
Withdrawal Security with 2FA
Our withdrawal flow on 98tot requires multiple confirmations when 2FA is active. First, you provide your 2FA code from your authenticator app. Second, we send an SMS code to your verified phone number (mobile verification), which you must enter to confirm the withdrawal. Only after both codes are verified do we process your withdrawal request.
This multi-factor approach means that even if someone compromises your password, they still cannot withdraw your funds without your authenticator app and your phone. If you notice unauthorized withdrawal attempts on your account, contact our support team immediately via your in-app help menu.
