Help:Two-factor authentication

From Meta Wiki
Jump to navigation Jump to search

Two-factor authentication is available for users on our wikis and can be activated at any time in your preferences. It is an extra layer of security that allows you to protect your account by using your mobile phone or other physical device. It is as simple as downloading an app (for free), such as Authy, and using it to generate codes that you will be asked for when you attempt to login to our wikis.

There is no requirement to use two-factor authentication on our wikis, though is it highly recommended to secure your account, especially if you have elevated rights on any of our wikis.

Setting it up

The preference option for enabling two-factor auth
  1. Go to Special:Preferences and select Enable two-factor authentication under the 'User profile' tab
  2. Download an application to your mobile or desktop that can generate 2FA codes, such as Authy or Google Authenticator
  3. Scan the QR code shown on the page using the app, or input the secret manually
  4. Write down the backup "scratch" codes in case you lose access to your mobile or desktop application. They can only be used once per code, and will never be accessible again
  5. Enter a code generated by your 2FA app into the box on the page to confirm that it is setup correctly


What happens if I lose my device/app?

Some 2FA apps, such as Authy, save your account tokens in the cloud so that you can regain access by logging into your account for that app. This is especially useful if you switch devices. Alternatively, you can use a backup code to login to your account and disable two-factor authentication. If you do not have any backup codes, you will not be able to login. We will not typically act on support emails regarding lost account access as a result of losing 2FA codes, as we can't easily verify that it is actually you trying to regain account access.

When will I be asked for a code?

You will be prompted for a code on every new login, and when attempting to change sensitive settings, such as your password.

I've lost my backup codes, can I get them back?

You can disable and re-enable two-factor authentication to generate new backup codes.