48 lines
1.8 KiB
Markdown
48 lines
1.8 KiB
Markdown
|
---
|
||
|
eleventyNavigation:
|
||
|
key: 2FA
|
||
|
title: Setting up Two-factor Authentication
|
||
|
parent: Security
|
||
|
---
|
||
|
|
||
|
## Why Two-factor Authentication?
|
||
|
While it is important to have a strong password, to gain extra security i.e. in case your password or device ever gets compromised, it is a good idea to configure
|
||
|
Two-factor Authentication for your account.
|
||
|
|
||
|
## How to set up Two-factor Authentication
|
||
|
|
||
|
### Prerequisites
|
||
|
You will need an authenticator app installed on your phone.
|
||
|
|
||
|
If you don't already have an authenticator app and you're not sure which app to
|
||
|
use, have a look at Aegis Authenticator
|
||
|
([F-Droid](https://f-droid.org/de/packages/com.beemdevelopment.aegis/) | [Google Play Store](https://play.google.com/store/apps/details?id=com.beemdevelopment.aegis&hl=en_US)).
|
||
|
|
||
|
### Step 1: Navigate to your user settings
|
||
|
![User Settings](/assets/images/security/2fa/user-settings.webp)
|
||
|
|
||
|
### Step 2: Navigate to the Security tab and click on the Enroll button
|
||
|
![Security Settings](/assets/images/security/2fa/security-settings.webp)
|
||
|
|
||
|
### Step 3: Scan the QR code and enter the verification code
|
||
|
![Scanning QR Code](/assets/images/security/2fa/qr-scan.webp)
|
||
|
|
||
|
After scanning the QR code with your app, enter the six digit code displayed
|
||
|
in your app into the "Passcode" field of the settings form, then click "Verify".
|
||
|
|
||
|
### Step 4: Store your scratch token in a safe place
|
||
|
If your phone ever breaks, get lost or stolen, you can recover your account
|
||
|
using the scratch token.
|
||
|
|
||
|
That token is showed to you right after setting up 2FA:
|
||
|
|
||
|
![Scratch token](/assets/images/security/2fa/scratch-token.webp)
|
||
|
|
||
|
Please store that token in a safe place.
|
||
|
|
||
|
### Step 5: Done!
|
||
|
That's it - you have now configured 2FA for your account.
|
||
|
|
||
|
From now on, each time you log into Codeberg, you will be asked for an
|
||
|
authentication code from your app, adding a layer of security over using
|
||
|
only a password.
|