Help:Two-factor authentication: Difference between revisions

# Download a [[wikipedia:Time-based One-time Password algorithm|TOTP app]] to your mobile device. There are plenty of these apps for both [[wikipedia:Android (operating system)|Android]] and [[wikipedia:iOS|iOS]]. Recommended options include:
#* '''[[wikipedia:Google Authenticator|Google Authenticator]]''', a basic but effective 2FA app, available for both [https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2 Android] and [https://itunes.apple.com/gb/app/google-authenticator/id388497605 iOS].
#* '''[[wikipedia:FreeOTP|FreeOTP]]''', a free and open source 2FA app, available for both [https://play.google.com/store/apps/details?id=org.fedorahosted.freeotp Android] and [https://itunes.apple.com/us/app/freeotp-authenticator/id872559395 iOS].
#* '''Authy''', a 2FA service that allows tokens and codes to be synced across devices, available for [https://play.google.com/store/apps/details?id=com.authy.authy Android], [https://itunes.apple.com/us/app/authy/id494168017 iOS], and [https://authy.com/download/#download-desktop-form desktop] (phone number needed for registration).
#* '''LastPass Authenticator''', a 2FA service that also has cloud-sync functionality, available for [https://play.google.com/store/apps/details?id=com.lastpass.authenticator&hl=en_IN Android] and [https://apps.apple.com/us/app/lastpass-authenticator/id1079110004 iOS] (free LastPass account required).
#* '''andOTP''', a free and open source 2FA app available for [https://play.google.com/store/apps/details?id=org.shadowice.flocke.andotp Android].
#* '''Authenticator''', a free and open source 2FA app available for [https://itunes.apple.com/us/app/authenticator/id766157276 iOS].
# Go to [[Special:Two-factor authentication]].
# Add your account to the 2FA app. This is usually done by scanning the QR code provided on the screen using your 2FA app (the app may ask you to grant permission to use your device's camera first). Point your device's camera at the QR code as if you were taking a picture of it, and the app will automatically add the account once it sees it.[[File:Scanning QR codes on business cards.jpg|thumb|Scanning a QR code with your smartphone's camera.]]
#:* If for some reason you're unable to scan the QR code, you can instead enter the secret key into the app manually to add your account.
# Once you've successfully added your account, the app will start displaying a six-digit code on the screen, along with a countdown timer. The code changes each time the timer runs out.
# '''Write down the scratch codes provided on the screen.''' This is important: if your 2FA app stops working or you lose access to it, these codes will be the only way of regaining access to your account. Make sure you write ''all'' of them down and store them somewhere secure. These codes ''will never be shown again'' after this step!
 
Note that neither OAuth nor bot passwords allow a user to log in through the website; they work only with the API. As such, these login methods are only for programs that use the API to do their work.
 
==Adding multiple devices==
If you would like to add multiple devices to your account, you must register all of them at the same time when you set up two-factor authentication. For example, if you have two mobile devices and would like to be able to use either of them to log into your account, scan the QR code or enter the secret key on both of the devices before entering the six-digit verification code to finalize setup.
 
If you have already set up two-factor authentication on your account and would like to add more devices, you must first disable two-factor authentication on your account and then set it up again.
 
Additionally, you can use [https://authy.com/ Authy] when setting up two-factor authentication, which will allow you to sync the TOTP tokens to multiple devices. This also has the benefit of allowing you to continue generating codes for your account even if you lose the device you initially used to set up two-factor authentication.
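
Every device has to be enrolled from the same QR code or secret key because a TOTP code is derived only from that shared secret and the current time. The following is an added example, not part of the original help page: a Python implementation of RFC 6238 using the RFC's published test key as the secret. The one-step clock-drift window in <code>verify</code> is an assumption about typical server behaviour, not something this page documents.

```python
import base64
import hashlib
import hmac
import struct

STEP = 30  # seconds each code stays valid (the app's countdown timer)

def totp(secret_b32: str, unix_time: int, digits: int = 6) -> str:
    """RFC 6238 TOTP with HMAC-SHA1, as implemented by TOTP apps."""
    cleaned = secret_b32.replace(" ", "").upper()
    cleaned += "=" * (-len(cleaned) % 8)           # restore base32 padding
    key = base64.b32decode(cleaned)
    counter = unix_time // STEP                    # number of elapsed time steps
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                        # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def seconds_left(unix_time: int) -> int:
    """Seconds until the displayed code is replaced by the next one."""
    return STEP - unix_time % STEP

def verify(secret_b32: str, submitted: str, unix_time: int, window: int = 1) -> bool:
    """Server-side check; accepts +/- `window` steps of clock drift (assumed)."""
    return any(
        hmac.compare_digest(totp(secret_b32, unix_time + i * STEP), submitted)
        for i in range(-window, window + 1)
    )

# Constructed sample data: the RFC 6238 test key ("12345678901234567890").
SHARED_SECRET = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"
# Constructed secret standing in for a device enrolled during a different setup.
OTHER_SECRET = "JBSWY3DPEHPK3PXP"

if __name__ == "__main__":
    now = 59
    phone = totp(SHARED_SECRET, now)     # first device, scanned the QR code
    tablet = totp(SHARED_SECRET, now)    # second device, same QR code
    stale = totp(OTHER_SECRET, now)      # device from an earlier, replaced setup
    print("phone ", phone, "tablet", tablet, "match:", phone == tablet)
    print("stale device code accepted:", verify(SHARED_SECRET, stale, now))
    print("seconds until next code:", seconds_left(now))
```
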
 
==Scratch codes==
{{Important note|Make sure you store your scratch codes in a secure location, preferably offline, that you can access in the event you are unable to use the mobile device you set up two-factor authentication with.}}
[[File:Enroll-Step3.png|thumb|Examples of scratch codes.]]
When setting up two-factor authentication, you will be given a list of '''ten''' scratch codes. These codes can be used during the verification code step after logging in if you lose access to the mobile device you used to set up two-factor authentication, if your 2FA app was uninstalled or reset, or if the codes your phone is generating aren't working and you've been unable to resolve that problem. '''These codes only work once''', so once you use a code, that code can never be used again. Scratch codes are never shown again after you've set up two-factor authentication, so make sure you write them down somewhere!
 
Here are a few things to keep in mind when using these scratch codes: