1. Visit the Security tab within the Settings of your account. This can only be done through the web version of ProtonMail found at mail.protonmail.com
2. Select Enable Two-Factor Authentication
3. Open the Token2 Burner app on your mobile device and click the button to scan a QR code, or manually enter the authentication key (base32 format is to be used). To scan the code, point your devices camera at the QR code seen in the setting of your ProtonMail account. (Note: the image below is a demo, do not scan it. Scan the image shown in your account.)
4. You will see the following modal that requires you to enter the Login password of your account, along with the two-factor passcode which you will see displayed on your hardware token.
5. ProtonMail will also provide you with several one-time use recovery codes. Please save these codes in a secure place and do NOT lose them. If you ever misplace or lose your authentication device (mobile phone, etc) these codes will be the only way to log into your account. If you ever lose your hardware token, you can enter these codes instead of the 6-digit authenticator code. Note, each code can only be used once, and they must be used in the listed order, so please save all the codes.