How?

You can enable 2FA in your settings: https://app.hejj.io/settings/two-factor

Why?

Two-factor authentication adds an extra layer of security to your account. Instead of relying only on your password, 2FA requires a second verification step when you sign in. For Hejj, this is a temporary code from an authenticator app on your phone.

This means even if someone learns your password, they still can't access your account without also having your phone.

You can use any authenticator app that supports time-based one-time passwords (TOTP), such as Google Authenticator, Microsoft Authenticator, Authy, 1Password, or Bitwarden.