If you're unable to authenticate using a TOTP mobile app, you can authenticate using SMS messages. You can also provide a second number for a fallback device. If you lose access to both your primary device and your recovery codes, a backup SMS number can get you back in to your account.

Before using this method, be sure that you can receive text messages. Carrier rates may apply.

Warning for non-US Numbers: GitHub doesn't support sending SMS messages to every country. Before configuring authentication via text message, review our list of countries where GitHub supports authentication via SMS. We strongly recommend using a TOTP application for two-factor authentication instead of SMS.

Warning for users in organizations that require two-factor authentication:

  • If you're a member, billing manager, or outside collaborator to a private repository of an organization that requires two-factor authentication, you must leave the organization before you can disable 2FA on GitHub.
  • If you disable 2FA you will automatically lose access to the organization and any private forks you have of the organization's private repositories. To regain access to the organization and your forks, re-enable two-factor authentication and contact an organization owner.
  1. In the upper-right corner of any page, click your profile photo, then click Settings. Settings icon in the user bar
  2. In the user settings sidebar, click Security. Security settings sidebar

  3. Under Two-factor authentication, click Set up two-factor authentication. 2FA dialog box

  4. On the Two-factor authentication page, click Set up using SMS.
  5. Select your country code and type your mobile phone number, including area code. When your information is correct, click Send authentication code. 2FA SMS screen
  6. You'll receive a text message with a security code. Type the code on the Two-factor authentication page, and click Continue. 2FA SMS continue field

  7. To enable two-factor authentication you must save your two-factor recovery codes in a safe place, such as a password manager, by clicking Download, Print, or Copy. Your recovery codes will help get you back into your account if you've lost access. download-print-or-copy-recovery-codes

  8. After saving your two-factor recovery codes in a safe place, click Enable two-factor authentication. enable-two-factor-authentication

  9. After 2FA has been enabled and you've saved your recovery codes, we recommend you sign out and back in to your account. In case of problems, such as a forgotten password or typo in your email address, you can use recovery codes to access your account and correct the problem.

Further reading