After successfully setting up two-factor authentication via a TOTP mobile application , the Two-factor recovery codes (https://[hostname]/settings/auth/recovery-codes) page lists your valid recovery codes. We strongly recommend saving your recovery codes immediately. If you don't, though, you can download them at any point after enabling two-factor authentication.

Treat your recovery codes with the same level of attention as you would your password! They should not be shared or distributed. We recommend saving them with a password manager such as LastPass, 1Password, or Keeper.

  1. In the top right corner of any page, click . Settings icon in the user bar
  2. In the user settings sidebar, click Security. Security settings sidebar

  3. Under Two-Factor Authentication, click Save your recovery codes. Save recovery codes link

  4. Once you use a recovery code to regain access to your account, it cannot be reused. If you've used all 16 recovery codes, click Generate new recovery codes to recreate another batch of recovery codes.

Further reading