> ## Documentation Index
> Fetch the complete documentation index at: https://skyvern.com/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# Password Credentials

> Create and manage password credentials in the Skyvern Cloud UI with optional two-factor authentication via TOTP, email, or SMS for automated login agents.

Password credentials store a username, password, and optional 2FA configuration. Reference them from [Login blocks](/cloud/building-agents/configure-blocks) in your agents, and Skyvern handles the entire sign-in flow, including entering 2FA codes.

## Creating a password credential

<Steps>
  <Step title="Open the Add dialog">
    Click **+ Add → Password** from the Credentials page.
  </Step>

  <Step title="Fill in your login details">
    Enter a **Name** (a label like "Salesforce Production"), **Username or Email**, and **Password**. The password field has an eye icon to toggle visibility.
  </Step>

  <Step title="Configure 2FA (optional)">
    Expand the **Two-Factor Authentication** accordion to set up automated 2FA handling. See [below](#adding-two-factor-authentication) for details.
  </Step>

  <Step title="Save">
    Click **Save**. The credential is immediately available for use in agents.
  </Step>
</Steps>

<img src="https://mintcdn.com/skyvern/r7-Gpk9XzCfyJ6Ad/images/cloud/credentials-add-password.png?fit=max&auto=format&n=r7-Gpk9XzCfyJ6Ad&q=85&s=3f1f57706b68e327bfd0338f04b641d8" alt="Add password credential modal" width="1552" height="910" data-path="images/cloud/credentials-add-password.png" />

## Adding two-factor authentication

If the site requires 2FA, expand the **Two-Factor Authentication** accordion below the password fields. Three options, depending on how the site delivers codes:

<img src="https://mintcdn.com/skyvern/r7-Gpk9XzCfyJ6Ad/images/cloud/credentials-2fa-setup.png?fit=max&auto=format&n=r7-Gpk9XzCfyJ6Ad&q=85&s=b9797b4a473fd34a6c53976774c55deb" alt="2FA setup options showing Authenticator App, Email, and Text Message" width="1460" height="1482" data-path="images/cloud/credentials-2fa-setup.png" />

| Method                | How it works                                                                                                                                                                                           |
| --------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
| **Authenticator App** | Paste the TOTP secret key and Skyvern generates codes locally on demand. Fully automated with no delay. Preferred when the site supports it.                                                           |
| **Email**             | Provide the email address that receives codes. Skyvern waits for you to push the code via the [2FA tab](/cloud/managing-credentials/totp-setup) or API. Identifier auto-fills from the Username field. |
| **Text Message**      | Provide the phone number that receives codes. Same push-based flow as Email.                                                                                                                           |

<Tip>
  Authenticator App is always the best option when available. Email and Text require either manual code entry or setting up automatic forwarding.
</Tip>

<Accordion title="Finding your TOTP secret key">
  The secret key is the base32-encoded string behind the QR code you'd scan in an authenticator app. Most password managers let you view it:

  * **Bitwarden**: Edit the login → TOTP field → copy the key
  * **1Password**: Edit the login → One-Time Password → copy the secret
  * **LastPass**: Edit the login → Advanced Settings → copy the TOTP secret
  * **Site settings**: Many sites show a "Can't scan?" link during 2FA setup that reveals the text key

  If you only have a QR code, decode it to extract the `secret=` parameter from the `otpauth://totp/...?secret=BASE32KEY` URI.
</Accordion>

## Using credentials in an agent

In the Login block configuration, select a stored credential from the dropdown. Skyvern fills in the username and password automatically, and handles 2FA if configured.

## Managing credentials

Stored credentials show the name, credential ID, username (plain text), password (always masked), and 2FA method if configured.

<Note>
  To edit a credential, click the **pencil icon** on its row. For security, saved passwords and secrets are never retrieved, so you must re-enter all sensitive fields when updating.
</Note>

<CardGroup cols={2}>
  <Card title="2FA / TOTP Setup" icon="shield-halved" href="/cloud/managing-credentials/totp-setup">
    Push verification codes and manage 2FA for Email and Text methods
  </Card>

  <Card title="Block Reference" icon="cube" href="/cloud/building-agents/configure-blocks">
    Configure Login blocks and other blocks that use credentials
  </Card>
</CardGroup>
