Skip to main content

Recovering your account if you lose your 2FA credentials

If you lose access to your two-factor authentication credentials, you can use your recovery codes, or another recovery option, to regain access to your account.

Warnings:

  • Aus Sicherheitsgründen kann GitHub Support den Zugriff auf Konten mit aktivierter Zwei-Faktor-Authentifizierung möglicherweise nicht wiederherstellen, wenn Sie Ihre Anmeldeinformationen für die Zwei-Faktor-Authentifizierung oder den Zugriff auf Ihre Methoden zur Kontowiederherstellung verlieren.

Using a two-factor authentication recovery code

Use one of your recovery codes to automatically regain entry into your account. You may have saved your recovery codes to a password manager or your computer's downloads folder. The default filename for recovery codes is github-recovery-codes.txt. For more information about recovery codes, see "Configuring two-factor authentication recovery methods."

  1. Type your username and password to prompt authentication.

    Warning: Wenn du dein persönliches Konto mit zweistufiger Authentifizierung schützt, aber dein Kennwort nicht kennst, kannst du diese Schritte zur Kontowiederherstellung nicht ausführen. GitHub kann eine E-Mail für die Kennwortzurücksetzung an eine verifizierte Adresse senden, die deinem Konto zugeordnet ist. Weitere Informationen findest du unter Anmeldeinformationen für den Zugriff auf GitHub aktualisieren.

  2. Under "Having problems?", click Use a recovery code or request a reset.

    Screenshot of link to use a recovery code

  3. Type one of your recovery codes, then click Verify.

    Field to type a recovery code and Verify button

Authenticating with a fallback number

If you lose access to your primary TOTP app or phone number, you can provide a two-factor authentication code sent to your fallback number to automatically regain access to your account.

Authenticating with a security key

If you configured two-factor authentication using a security key, you can use your security key as a secondary authentication method to automatically regain access to your account. For more information, see "Configuring two-factor authentication."

Authenticating with a verified device, SSH token, or personal access token

If you know your password for GitHub.com but don't have the two-factor authentication credentials or your two-factor authentication recovery codes, you can have a one-time password sent to your verified email address to begin the verification process and regain access to your account.

Note: For security reasons, regaining access to your account by authenticating with a one-time password can take up to three business days. GitHub will not review additional requests submitted during this time.

You can use your two-factor authentication credentials or two-factor authentication recovery codes to regain access to your account anytime during the 3-5 day waiting period.

  1. Type your username and password to prompt authentication.

    Warning: Wenn du dein persönliches Konto mit zweistufiger Authentifizierung schützt, aber dein Kennwort nicht kennst, kannst du diese Schritte zur Kontowiederherstellung nicht ausführen. GitHub kann eine E-Mail für die Kennwortzurücksetzung an eine verifizierte Adresse senden, die deinem Konto zugeordnet ist. Weitere Informationen findest du unter Anmeldeinformationen für den Zugriff auf GitHub aktualisieren.

  2. Under "Having problems?", click Use a recovery code or request a reset.

    Screenshot of link if you don't have your 2fa device or recovery codes

  3. To the right of "Locked out?", click Try recovering your account.

    Screenshot of link to try recovering your account

  4. Click I understand, get started to request a reset of your authentication settings.

    Screenshot of button to start reset of authentication settings

  5. Click Send one-time password to send a one-time password to all eligible addresses associated with your account. Only verified emails are eligible for account recovery. If you've restricted password resets to your primary and/or backup addresses, these addresses are the only addresses eligible for account recovery.

    Screenshot of button to send one-time password

  6. Under "One-time password", type the temporary password from the recovery email GitHub sent.

    Screenshot of field to type one-time password

  7. Click Verify email address.

    Screenshot of button to verify email address

  8. Choose an alternative verification factor.

    • If you've used your current device to log into this account before and would like to use the device for verification, click Verify with this device.
    • If you've previously set up an SSH key on this account and would like to use the SSH key for verification, click SSH key.
    • If you've previously set up a personal access token and would like to use the personal access token for verification, click Personal access token.

    Screenshot of buttons for alternative verification

  9. A member of GitHub-Support will review your request and email you within three business days. If your request is approved, you'll receive a link to complete your account recovery process. If your request is denied, the email will include a way to contact support with any additional questions.