Warning: For security reasons, GitHub Support may not be able to restore access to accounts with two-factor authentication enabled if you lose your two-factor authentication credentials or lose access to your account recovery methods.
Using a two-factor authentication recovery code
Use one of your recovery codes to automatically regain entry into your account. You may have saved your recovery codes to a password manager or your computer's downloads folder. The default filename for recovery codes is github-recovery-codes.txt. For more information about recovery codes, see "Configuring two-factor authentication recovery methods."
- Type your username and password to prompt authentication.
- Under "Having Problems?", click Enter a two-factor recovery code.
- Type one of your recovery codes, then click Verify.
Authenticating with a fallback number
If you lose access to your primary TOTP app or phone number, you can provide a two-factor authentication code sent to your fallback number to automatically regain access to your account.
Authenticating with a security key
If you configured two-factor authentication using a security key, you can use your security key as a secondary authentication method to automatically regain access to your account. For more information, see "Configuring two-factor authentication."
Authenticating with a verified device, SSH token, or personal access token
If you know your GitHub password but don't have the two-factor authentication credentials or your two-factor authentication recovery codes, you can have a one-time password sent to your verified email address to begin the verification process and regain access to your account.
Note: For security reasons, regaining access to your account by authenticating with a one-time password can take 3-5 business days. Additional requests submitted during this time will not be reviewed.
You can use your two-factor authentication credentials or two-factor authentication recovery codes to regain access to your account anytime during the 3-5 day waiting period.
- Type your username and password to prompt authentication. If you do not know your GitHub password, you will not be able to generate a one-time password.
- Under "Having Problems?", click Can't access your two factor device or valid recovery codes?
- Click I understand, get started to request a reset of your authentication settings.
- Click Send one-time password to send a one-time password to all email addresses associated with your account.
- Under "One-time password", type the temporary password from the recovery email GitHub sent.
- Click Verify email address.
- Choose an alternative verification factor.
- If you've used your current device to log into this account before and would like to use the device for verification, click Verify with this device.
- If you've previously set up an SSH key on this account and would like to use the SSH key for verification, click SSH key.
- If you've previously set up a personal access token and would like to use the personal access token for verification, click Personal access token.
- A member of GitHub Support will review your request and email you within 3-5 business days. If your request is approved, you'll receive a link to complete your account recovery process. If your request is denied, the email will include a way to contact support with any additional questions.
Authenticating with an account recovery token
Warning: Account recovery tokens are deprecated and will be disabled on December 1st, 2021. Please ensure you have configured other two-factor recovery methods. For more information, see "Configuring two-factor authentication recovery methods."
If you lose access to the two-factor authentication methods for your account on GitHub.com, you can retrieve your account recovery token from a partner recovery provider and ask GitHub Support to review it.
If you don't have access to your two-factor authentication methods or recovery codes and you've stored an account recovery token with Facebook using Recover Accounts Elsewhere, you may be able to use your token to regain access to your account.
If you're unable to regain access to your account, generate a one-time password to regain access. For more information, see "Authenticating with a verified device, SSH token, or personal access token."
Warnings:
- Before you retrieve an account recovery token, you should try using your two-factor authentication codes or your two-factor authentication recovery codes to regain access to your account. For more information, see "Recovering your account if you lose your 2FA credentials."
- On Facebook, navigate to your Security Settings, then click Recover Accounts Elsewhere.
- Click the recovery token associated with your account on GitHub.com.
- To redeem your account recovery token, click Recover This Account. A new window will open, returning you to GitHub.
- Contact GitHub Support to let them know that your account recovery token is ready for review.