If you lose access to your two-factor authentication credentials, you can use your recovery codes, or another recovery option if you've set one up, to regain access to your account.

Warning: For security reasons, GitHub Support may not be able to restore access to accounts with two-factor authentication enabled if you lose your two-factor authentication credentials or lose access to your account recovery methods.

In this guide

Using a two-factor authentication recovery code

Use one of your recovery codes to automatically regain entry into your account. You may have saved your recovery codes to a password manager or your computer's downloads folder. The default filename for recovery codes is github-recovery-codes.txt. For more information about recovery codes, see "Configuring two-factor authentication recovery methods."

  1. Sign in to GitHub with your username and password.
  2. On the 2FA page, under "Don't have your phone?", click Enter a two-factor recovery code. Link to use a recovery code
  3. Type one of your recovery codes, then click Verify. Field to type a recovery code and Verify button

Authenticating with a fallback number

If you lose access to your primary TOTP app or phone number, you can provide a two-factor authentication code sent to your fallback number to automatically regain access to your account.

Authenticating with an account recovery token

If you lose access to the two-factor authentication methods for your GitHub account, you can retrieve your account recovery token from a partner recovery provider and ask GitHub Support to review it.

If you don't have access to your two-factor authentication methods or recovery codes and you've stored an account recovery token with Facebook using Recover Accounts Elsewhere, you may be able to use your token to regain access to your account.

Warnings:

  1. On Facebook, navigate to your Security Settings, then click Recover Accounts Elsewhere. Facebook security settings page with Recover Accounts Elsewhere link
  2. Click the recovery token associated with your GitHub account. List of recovery tokens stored on Facebook
  3. To redeem your account recovery token, click Recover This Account. A new window will open, returning you to GitHub. Modal box with information about your recovery token and Recover This Account button
  4. Contact GitHub Support or GitHub Premium Support to let them know that your account recovery token is ready for review.

Authenticating with FIDO U2F keys

If you configured two-factor authentication using FIDO U2F, you can use your U2F keys as a secondary authentication method to automatically regain access to your account. For more information, see "Using a FIDO U2F compatible security key."

Further reading