After successfully setting up two-factor authentication via a TOTP mobile application , the Two-factor recovery codes (https://[hostname]/settings/auth/recovery-codes) page lists your valid recovery codes. We strongly recommend saving your recovery codes in a safe place, like a password manager. If you're unable to save them immediately, you can download them at any point after enabling two-factor authentication.

Treat your recovery codes with the same level of attention as you would your password! They should not be shared or distributed. We recommend saving them with a password manager such as LastPass, 1Password, or Keeper.

  1. In the upper-right corner of any page, click your profile photo, then click Settings. Settings icon in the user bar
  2. In the user settings sidebar, click Security. Security settings sidebar

  3. Under Two-Factor Authentication, click Save your recovery codes. Save recovery codes link

  4. Once you use a recovery code to regain access to your account, it cannot be reused. If you've used all 16 recovery codes, click Generate new recovery codes to recreate another batch of recovery codes.

Further reading