ENLIST + TOTP

On sign-up you receive the secret key (Base32), QR code, and otpauth:// URI for your authenticator app. Store the key somewhere safe — we will not show it again after you leave this flow.

Already have a session? /login — use the same password and TOTP from your authenticator app.