Configure 2FA Recovery Methods
After enabling Two-Factor Authentication (2FA) using one of the available methods, you should generate recovery codes to ensure you can regain access to your account in case you lose access to your authentication device.
Best Practices for 2FA Recovery
Store your recovery codes securely:
We strongly recommend storing your recovery codes in a secure location, such as:
- A password manager (e.g., LastPass, 1Password)
- A secure offline document
- A printed copy stored in a safe place
Do not share or distribute your recovery codes with anyone. Treat them like passwords and keep them secure.
Enable more than one 2FA Methods
To avoid losing access to your account, we strongly recommend enabling more than one 2FA methods, such as:
- Authenticator App (TOTP app like Google Authenticator, Authy)
- SMS/Text message
This way, if one method is unavailable, you can use another to log in.
Generating and Downloading your 2FA Recovery Codes
Recovery codes allow you to access your account if you lose access to your authenticator app or security key. When you generate recovery codes, a set of unique, one-time-use codes is provided.
- Each recovery code can be used only once.
- Do now share or distribute your recovery codes with anyone.
- If you believe your recovery codes have been compromised, generate a new set of codes.
- Log into your account and navigate to My Settings in the upper-right corner.
- Click on Password and Authentication from the menu.
- Click on View Recovery Codes under the Two Factor Authentication section.
To save your recovery codes, you can:
- Download the recovery codes as a text file by clicking Download
- Print them to generate a hard copy by clicking Print
- Copy the codes and store them in a secure location (e.g., password manager, secure offline document)
Regenerating Recovery Codes
Once you use a recovery code, it cannot be reused. To ensure continuous access, we recommend periodically re-generating a new set of 16 recovery codes and storing them securely.
Why should I regenerate recovery codes?
- If you have used multiple codes, generating a fresh set ensures you have enough codes to access your account.
- If you believe your recovery codes have been compromised, generating a new set of codes will help secure your account.
To regenerate recovery codes:
- Log into your account and navigate to My Settings in the upper-right corner.
- Click on Password and Authentication from the menu.
- Click on Generage new codes under the Two Factor Authentication section.
Configuring Backups for your TOTP App
Most Time-Based One-Time Password (TOTP) apps, such as Google Authenticator, Authy, and Microsoft Authenticator, support backup and recovery options.
How backupgs can help you:
- Google Authenticator: You can back up your account credentials to your Google account and transfer them to a new device.
- Authy: Supports encrypted cloud backups to restore 2FA codes on a new phone.
- Microsoft Authenticator: Allows you to back up your account credentials to your Microsoft account.
Recommendations for Secure 2FA backups
- If your TOTP app supports backups, enable them to ensure you can recover your 2FA codes if you lose access to your device.
- Ensure your backups are encrypted and stored securely to prevent unauthorized access.
- Use multiple authentication methods to ensure redundancy in case one method fails.
By following these best practices, you ensure that your account remains accessible while maintaining strong security.