From 0a1ee136d666afa0d240b3d0b20145fefa9f76f8 Mon Sep 17 00:00:00 2001 From: Evan Read Date: Fri, 19 Oct 2018 16:26:15 +1000 Subject: [PATCH] Add mention that recovery codes are downloadable. --- .../profile/account/two_factor_authentication.md | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/doc/user/profile/account/two_factor_authentication.md b/doc/user/profile/account/two_factor_authentication.md index bc6ecdf4f32..64219737d61 100644 --- a/doc/user/profile/account/two_factor_authentication.md +++ b/doc/user/profile/account/two_factor_authentication.md @@ -2,8 +2,8 @@ Two-factor Authentication (2FA) provides an additional level of security to your GitLab account. Once enabled, in addition to supplying your username and -password to login, you'll be prompted for a code generated by your one time password -authenticator. For example, a password manager on one of your devices. +password to login, you'll be prompted for a code generated by your one time password +authenticator. For example, a password manager on one of your devices. By enabling 2FA, the only way someone other than you can log into your account is to know your username and password *and* have access to your one time password secret. @@ -83,9 +83,11 @@ Click on **Register U2F Device** to complete the process. Recovery codes are not generated for U2F devices. Should you ever lose access to your one time password authenticator, you can use one of the ten provided -backup codes to login to your account. We suggest copying or printing them for -storage in a safe place. **Each code can be used only once** to log in to your -account. +backup codes to login to your account. We suggest copying them, printing them, or downloading them using +the **Download codes** button for storage in a safe place. + +CAUTION: **Caution:** +Each code can be used only once to log in to your account. If you lose the recovery codes or just want to generate new ones, you can do so [using SSH](#generate-new-recovery-codes-using-ssh).