What It Is
Two-step verification (2FA) is a phone-number-level security control for WhatsApp Business Platform. It uses a 6-digit PIN that is required when registering or re-registering a number.
Why It Matters
If 2FA is enabled, registration-related actions for that number require the PIN. This is especially relevant during migrations between setups, WABAs, or Meta Business Portfolios.
Who Can Manage 2FA
Only users with sufficient access in the owning Meta Business Portfolio can disable or reconfigure 2FA. When a phone number is registered through Dualhook (via the Register Phone Number action), Dualhook sends the PIN to Meta for that registration request but does not store it. Store the PIN in your own credential manager.
How to Disable 2FA in Meta
- Open Meta Business Manager → WhatsApp Manager.
- Go to Phone numbers and select the target number.
- Open Settings → Two-step verification.
- Click Turn off two-step verification.
- Confirm via the email link sent to the business portfolio email address.
After Disabling
- Complete the migration or registration task that required 2FA to be disabled.
- Re-enable 2FA afterward to restore stronger protection on the number.
- If registering through Dualhook, store the PIN in a secure credential manager with controlled access. Dualhook does not save it for later recovery.
Troubleshooting
Turn off button is missing
- Insufficient permissions for the current user.
- Wrong Business Portfolio or wrong WABA/number selected.
Confirmation email does not arrive
- Wrong or outdated portfolio email settings.
- Email filtering or spam quarantine delays.
Registration still asks for PIN
- Disable request not fully completed through email confirmation.
- Propagation delay after settings change.