Documentation/content/security/2fa.md

---
eleventyNavigation:
  key: 2FA
  title: Setting up Two-factor Authentication
  parent: Security
---

## Why Two-factor Authentication?
While it is important to have a strong password, to gain extra security i.e. in case your password or device ever gets compromised, it is a good idea to configure
Two-factor Authentication for your account.

## How to set up Two-factor Authentication

### Prerequisites
You will need an authenticator app installed on your phone.

If you don't already have an authenticator app and you're not sure which app to 
use, have a look at Aegis Authenticator
([F-Droid](https://f-droid.org/de/packages/com.beemdevelopment.aegis/) | [Google Play Store](https://play.google.com/store/apps/details?id=com.beemdevelopment.aegis&hl=en_US)).

### Step 1: Navigate to your user settings
![User Settings](/assets/images/security/2fa/user-settings.webp)

### Step 2: Navigate to the Security tab and click on the Enroll button
![Security Settings](/assets/images/security/2fa/security-settings.webp)

### Step 3: Scan the QR code and enter the verification code
![Scanning QR Code](/assets/images/security/2fa/qr-scan.webp)

After scanning the QR code with your app, enter the six digit code displayed
in your app into the "Passcode" field of the settings form, then click "Verify".

### Step 4: Store your scratch token in a safe place
If your phone ever breaks, get lost or stolen, you can recover your account
using the scratch token.

That token is showed to you right after setting up 2FA:

![Scratch token](/assets/images/security/2fa/scratch-token.webp)

Please store that token in a safe place.

### Step 5: Done!
That's it - you have now configured 2FA for your account.

From now on, each time you log into Codeberg, you will be asked for an
authentication code from your app, adding a layer of security over using
only a password.
Guide to set up 2FA 2020-08-29 11:14:14 +00:00			`---`
			`eleventyNavigation:`
			`key: 2FA`
			`title: Setting up Two-factor Authentication`
			`parent: Security`
			`---`

			`## Why Two-factor Authentication?`
			`While it is important to have a strong password, to gain extra security i.e. in case your password or device ever gets compromised, it is a good idea to configure`
			`Two-factor Authentication for your account.`

			`## How to set up Two-factor Authentication`

			`### Prerequisites`
			`You will need an authenticator app installed on your phone.`

			`If you don't already have an authenticator app and you're not sure which app to`
			`use, have a look at Aegis Authenticator`
			`([F-Droid](https://f-droid.org/de/packages/com.beemdevelopment.aegis/) \| [Google Play Store](https://play.google.com/store/apps/details?id=com.beemdevelopment.aegis&hl=en_US)).`

			`### Step 1: Navigate to your user settings`
			`![User Settings](/assets/images/security/2fa/user-settings.webp)`

			`### Step 2: Navigate to the Security tab and click on the Enroll button`
			`![Security Settings](/assets/images/security/2fa/security-settings.webp)`

			`### Step 3: Scan the QR code and enter the verification code`
			`![Scanning QR Code](/assets/images/security/2fa/qr-scan.webp)`

			`After scanning the QR code with your app, enter the six digit code displayed`
			`in your app into the "Passcode" field of the settings form, then click "Verify".`

			`### Step 4: Store your scratch token in a safe place`
			`If your phone ever breaks, get lost or stolen, you can recover your account`
			`using the scratch token.`

			`That token is showed to you right after setting up 2FA:`

			`![Scratch token](/assets/images/security/2fa/scratch-token.webp)`

			`Please store that token in a safe place.`

			`### Step 5: Done!`
			`That's it - you have now configured 2FA for your account.`

			`From now on, each time you log into Codeberg, you will be asked for an`
			`authentication code from your app, adding a layer of security over using`
			`only a password.`