Recovering your account if you lose your 2FA credentials
If you lose access to your two-factor authentication credentials, you can use your recovery codes, or another recovery option if you've set one up, to regain access to your account.
Warning: For security reasons, GitHub Support may not be able to restore access to accounts with two-factor authentication enabled if you lose your two-factor authentication credentials or lose access to your account recovery methods.
In this guide
- Using a two-factor authentication recovery code
- Authenticating with a fallback number
- Authenticating with an account recovery token
- Authenticating with a security key
Using a two-factor authentication recovery code
Use one of your recovery codes to automatically regain entry into your account. You may have saved your recovery codes to a password manager or your computer's downloads folder. The default filename for recovery codes is
github-recovery-codes.txt. For more information about recovery codes, see "Configuring two-factor authentication recovery methods."
- Sign in to GitHub with your username and password.
- On the 2FA page, under "Don't have your phone?", click Enter a two-factor recovery code.
- Type one of your recovery codes, then click Verify.
Authenticating with a fallback number
If you lose access to your primary TOTP app or phone number, you can provide a two-factor authentication code sent to your fallback number to automatically regain access to your account.
Authenticating with an account recovery token
If you lose access to the two-factor authentication methods for your GitHub account, you can retrieve your account recovery token from a partner recovery provider and ask GitHub Support to review it.
If you don't have access to your two-factor authentication methods or recovery codes and you've stored an account recovery token with Facebook using Recover Accounts Elsewhere, you may be able to use your token to regain access to your account.
- Before you retrieve an account recovery token, you should try using your two-factor authentication codes or your two-factor authentication recovery codes to regain access to your account. For more information, see "Recovering your account if you lose your 2FA credentials."
- If you're unable to regain access to your account, you should contact GitHub Support or GitHub Premium Support before retrieving your account recovery token.
- On Facebook, navigate to your Security Settings, then click Recover Accounts Elsewhere.
- Click the recovery token associated with your GitHub account.
- To redeem your account recovery token, click Recover This Account. A new window will open, returning you to GitHub.
- Contact GitHub Support or GitHub Premium Support to let them know that your account recovery token is ready for review.
Authenticating with a security key
If you configured two-factor authentication using a security key, you can use your security key as a secondary authentication method to automatically regain access to your account. For more information, see "Configuring two-factor authentication."