From c774c238e21d53a513ff96d86a8e9480b51a2807 Mon Sep 17 00:00:00 2001 From: Joshua Walker <3141202+joshuawalker@users.noreply.github.com> Date: Mon, 27 Jan 2025 21:54:47 +1300 Subject: [PATCH] Update unlink email article with passwordless steps (#53977) Co-authored-by: Kevin Heis Co-authored-by: Sophie <29382425+sophietheking@users.noreply.github.com> --- ...our-email-address-from-a-locked-account.md | 36 ++++++++++++------- ...updating-your-github-access-credentials.md | 7 ++-- ...ccount-if-you-lose-your-2fa-credentials.md | 34 ++++++++++-------- .../alternative-authentication-note.md | 2 ++ .../accounts/alternative-authentication.md | 2 +- .../accounts/request-password-reset-link.md | 5 +++ .../accounts/unlinking-email-address.md | 10 ++++-- .../accounts/you-must-know-your-password.md | 2 +- 8 files changed, 62 insertions(+), 36 deletions(-) create mode 100644 data/reusables/accounts/alternative-authentication-note.md create mode 100644 data/reusables/accounts/request-password-reset-link.md diff --git a/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-personal-account/unlinking-your-email-address-from-a-locked-account.md b/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-personal-account/unlinking-your-email-address-from-a-locked-account.md index a6caaa8b46..0a8e5f58b2 100644 --- a/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-personal-account/unlinking-your-email-address-from-a-locked-account.md +++ b/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-personal-account/unlinking-your-email-address-from-a-locked-account.md @@ -12,29 +12,41 @@ topics: shortTitle: Unlink your email --- -> [!NOTE] -> * Following these steps will not disable 2FA or provide access to a locked account, but will instead unlink the associated email address so it may be used for a different account. If you cannot regain access to the 2FA locked account, these steps will permanently break the link between the account and the linked email address. Before continuing with this article, be sure you have lost all access to your account. For more information, see [AUTOTITLE](/authentication/securing-your-account-with-two-factor-authentication-2fa/recovering-your-account-if-you-lose-your-2fa-credentials). -> * If you recover access to your locked account, you can re-link an unlinked email address. For more information, see [AUTOTITLE](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-email-preferences/adding-an-email-address-to-your-github-account). - ## About unlinking your email address -Since an email address can only be associated with a single {% data variables.product.prodname_dotcom %} account, when you've lost your 2FA credentials and are unable to recover access, unlinking your email address from the locked account allows you to link that email address to a new or existing account. Additionally, linking a previously used commit email address to a new account will connect your commit history to that account. Unless you have chosen to keep your email address private, your account's commit email address is the same as your account's primary email address. For more information, see [AUTOTITLE](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-email-preferences/setting-your-commit-email-address). Be aware that nothing else associated with your 2FA locked account, including your repositories, permissions, and profile, will transfer to your new account. +Since an email address can only be associated with a single {% data variables.product.prodname_dotcom %} account, when you've lost your 2FA credentials and are unable to recover access, unlinking your email address from the locked account allows you to link that email address to a new or existing account. Additionally, linking a previously used commit email address to a new account will connect your commit history to that account. Unless you have chosen to keep your email address private, your account's commit email address is the same as your account's primary email address. See [AUTOTITLE](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-email-preferences/setting-your-commit-email-address). > [!NOTE] -> Backup email addresses are not associated with your commits. Unlinking a backup email address and linking the email address to a different account will not connect your commit history to that account. +> The {% data variables.product.github %}-provided `noreply` email address cannot be unlinked from an account. Commits authored with a `noreply` address cannot be reconnected to a different account. + +Be aware that nothing else associated with your 2FA locked account, including your repositories, permissions, and profile, will transfer to your new account. ## Unlinking your email address +Unlinking email addresses is only available for accounts with 2FA enabled. If you do not have 2FA enabled, you can sign in and remove your email address from your account settings. + +> [!WARNING] +> Following these steps will not disable 2FA or provide access to a locked account, but will instead unlink the associated email address so it may be used for a different account. If you cannot regain access to the 2FA locked account, these steps will permanently break the link between the account and the linked email address. Before continuing with this article, be sure you have lost all access to your account. See [AUTOTITLE](/authentication/securing-your-account-with-two-factor-authentication-2fa/recovering-your-account-if-you-lose-your-2fa-credentials). + +### Unlinking with your password + +If you know your password, you can sign in with your password to unlink your email address + 1. Navigate to [https://github.com/login](https://github.com/login). 1. To prompt two-factor authentication, type your username and password, then click **Sign in**. -1. Under "Unable to verify with your security key?", click **Use a recovery code or request a reset**. -1. Under "Locked out?", click **Recover your account or unlink an email address**. +1. Under "Having problems?", click **Use a recovery code or begin 2FA account recovery**. +1. Under "Locked out?", click **Try 2FA account recovery, or unlink your account email address(es)**. 1. In the modal that appears, click **I understand, get started**. -1. To send an email containing a one-time password to each email address associated with your account, click **Send one-time password**. +1. You may be required to verify an email address. To send an email containing a one-time password to each email address associated with your account, click **Send one-time password**. 1. To verify your identity, type the one-time password from your email in the "One-time password" text field, then click **Verify email address**. {% data reusables.accounts.unlinking-email-address %} - > [!NOTE] - > You can also link your unlinked email to an existing {% data variables.product.prodname_dotcom %} account. For more information, see [AUTOTITLE](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-email-preferences/adding-an-email-address-to-your-github-account). +### Unlinking without your password -1. Optionally, if you have any form of payment set up on the locked account, please contact us through the {% data variables.contact.contact_support_portal %} to cancel future payments. For example, you might have a paid subscription or sponsor developers through {% data variables.product.prodname_sponsors %}. If you are sponsored through {% data variables.product.prodname_sponsors %}, please mention this so that the team can help you migrate your sponsorships. +If you do not know your account password, you can request a password reset link to unlink your email address. + +{% data reusables.accounts.request-password-reset-link %} + +1. On {% data variables.product.prodname_dotcom %}, you will be prompted for your 2FA credentials. Under "Having problems?", click **Start a 2FA recovery request or unlink your account email address(es)**. +1. In the modal that appears, click **I understand, get started**. +{% data reusables.accounts.unlinking-email-address %} diff --git a/content/authentication/keeping-your-account-and-data-secure/updating-your-github-access-credentials.md b/content/authentication/keeping-your-account-and-data-secure/updating-your-github-access-credentials.md index 67cdfb4be9..b3517d0b77 100644 --- a/content/authentication/keeping-your-account-and-data-secure/updating-your-github-access-credentials.md +++ b/content/authentication/keeping-your-account-and-data-secure/updating-your-github-access-credentials.md @@ -24,9 +24,8 @@ shortTitle: Update access credentials ## Requesting a new password -1. To request a new password, visit {% ifversion fpt or ghec %}https://{% data variables.product.product_url %}/password_reset{% else %}`https://{% data variables.product.product_url %}/password_reset`{% endif %}. -1. Enter the email address associated with your account, then click **Send password reset email.** The email will be sent to the backup email address if you have one configured. -1. We'll email you a link that will allow you to reset your password. You must click on this link within 3 hours of receiving the email. If you didn't receive an email from us, make sure to check your spam folder. +{% data reusables.accounts.request-password-reset-link %} + 1. If you have enabled two-factor authentication, you will be prompted for your 2FA credentials: {% ifversion fpt or ghec %} * If you have {% data variables.product.prodname_mobile %}, you will be sent a push notification to verify your identity. Open the push notification or the {% data variables.product.prodname_mobile %} app and enter the two-digit code shown to you on the password reset page in your browser. @@ -38,7 +37,7 @@ shortTitle: Update access credentials * If you have set up [{% data variables.product.prodname_mobile %}](https://github.com/mobile), click **Authenticate with {% data variables.product.prodname_mobile %}** instead. {% endif %} {% ifversion 2fa-recovery-flow %} - * If you have forgotten your password and you've lost access to your two-factor authentication credentials, click **Start a 2FA recovery request**. For more information, see [AUTOTITLE](/authentication/securing-your-account-with-two-factor-authentication-2fa/recovering-your-account-if-you-lose-your-2fa-credentials). + * If you've lost access to your two-factor authentication credentials and your recovery codes, you can start account recovery request. See [AUTOTITLE](/authentication/securing-your-account-with-two-factor-authentication-2fa/recovering-your-account-if-you-lose-your-2fa-credentials#recovering-without-your-password-or-two-factor-authentication-credentials). {% endif %} 1. In the text field under **Password**, type a new password. Then, in the text field under **Confirm password**, type the password again. 1. Click **Change password**. For help creating a strong password, see [AUTOTITLE](/authentication/keeping-your-account-and-data-secure/creating-a-strong-password). diff --git a/content/authentication/securing-your-account-with-two-factor-authentication-2fa/recovering-your-account-if-you-lose-your-2fa-credentials.md b/content/authentication/securing-your-account-with-two-factor-authentication-2fa/recovering-your-account-if-you-lose-your-2fa-credentials.md index f21bbe0bf4..e4ca3602be 100644 --- a/content/authentication/securing-your-account-with-two-factor-authentication-2fa/recovering-your-account-if-you-lose-your-2fa-credentials.md +++ b/content/authentication/securing-your-account-with-two-factor-authentication-2fa/recovering-your-account-if-you-lose-your-2fa-credentials.md @@ -18,7 +18,7 @@ shortTitle: Recover an account with 2FA {% ifversion fpt or ghec %} > [!WARNING] -> * {% data reusables.two_fa.support-may-not-help %} +> {% data reusables.two_fa.support-may-not-help %} > [!NOTE] > {% data reusables.two_fa.unlink-email-address %} @@ -31,8 +31,8 @@ Use one of your recovery codes to automatically regain entry into your account. 1. Type your username and password to prompt authentication. - > [!WARNING] - > {% data reusables.accounts.you-must-know-your-password %} + > [!NOTE] + > If you do not know your password, you can use a recovery code after requesting a new password. See [AUTOTITLE](/authentication/keeping-your-account-and-data-secure/updating-your-github-access-credentials#requesting-a-new-password). 1. Under "Having problems?", click **Use a recovery code{% ifversion fpt or ghec %} or begin 2FA account recovery{% endif %}**. 1. Type one of your recovery codes, then click **Verify**. @@ -60,7 +60,7 @@ If you lose access to your preferred TOTP app or phone number, you can provide a ## Authenticating with a verified device, SSH token, or {% data variables.product.pat_generic %} -If you know your password for {% data variables.product.prodname_dotcom %} but don't have the two-factor authentication credentials or your two-factor authentication recovery codes, you can have a one-time password sent to your verified email address to begin the verification process and regain access to your account. +If you know your password for {% data variables.product.prodname_dotcom %} but don't have the two-factor authentication credentials or your two-factor authentication recovery codes, you can have a one-time password sent to your verified email address to begin the verification process. You'll need to verify your identity using a recovery authentication factor, such as an SSH key or previously verified device. > [!NOTE] > For security reasons, regaining access to your account by authenticating with a one-time password can take up to three business days. {% data variables.product.company_short %} will not review additional requests submitted during this time. @@ -78,28 +78,32 @@ You can use your two-factor authentication credentials or two-factor authenticat 1. Click **Send one-time password** to send a one-time password to all eligible addresses associated with your account. Only verified emails are eligible for account recovery. If you've restricted password resets to your primary and/or backup addresses, these addresses are the only addresses eligible for account recovery. 1. Under "One-time password", type the temporary password from the recovery email {% data variables.product.prodname_dotcom %} sent, then click **Verify email address**. 1. {% data reusables.accounts.alternative-authentication %} + {% data reusables.accounts.alternative-authentication-note %} 1. {% data reusables.accounts.support-request-recovery %} {% endif %} {% ifversion 2fa-recovery-flow %} -## Requesting help with two-factor authentication +## Recovering without your password -If you have forgotten your password and you've lost access to your two-factor authentication credentials, you can start account recovery to regain access to your account. You'll need to verify your identity using a recovery authentication factor, such as an SSH key or previously verified device. If no recovery methods are available, you can choose to unlink your email address from your account. +If you have forgotten your password, you can request a new password. During the password reset process, you can use one of your two-factor authentication credentials or a recovery code. See [AUTOTITLE](/authentication/keeping-your-account-and-data-secure/updating-your-github-access-credentials#requesting-a-new-password). -1. Click **Forgot password?**. -1. Enter a primary or backup email address associated with your account, then click **Send password reset email.** -1. Check your email for a link to reset your password. You must click on this link within three hours of receiving the email. If you don't see an email from us, make sure to check your spam folder. -1. Click on the link in the email, then under "Having problems?", click **Start a 2FA recovery request**. -1. To complete your recovery request, you'll need to verify an alternative authentication factor. {% data reusables.accounts.alternative-authentication %} +### Recovering without your password or two-factor authentication credentials + +If you have lost access to your two-factor authentication credentials and your recovery codes, you can start account recovery request. You'll need to verify your identity using a recovery authentication factor, such as an SSH key or previously verified device. + +{% data reusables.accounts.request-password-reset-link %} + +1. On {% data variables.product.prodname_dotcom %}, you will be prompted for your 2FA credentials. Under "Having problems?", click **Start a 2FA recovery request or unlink your account email address(es)**. +1. To complete your recovery request, you'll need to verify an alternative authentication factor. +{% data reusables.accounts.alternative-authentication %} + {% data reusables.accounts.alternative-authentication-note %} 1. {% data reusables.accounts.support-request-recovery %} -### Unlinking your email address +## Unlinking your email address -Alternatively, if no recovery methods are available, you can choose to unlink your email address from your account. The email address is then available for you to link it to a new or existing account, maintaining your commit history. For more information, see [AUTOTITLE](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-personal-account/unlinking-your-email-address-from-a-locked-account). - -{% data reusables.accounts.unlinking-email-address %} +If you have exhausted your recovery options, you can unlink your email address from your account. The email address is then available for you to link it to a new or existing account, maintaining your commit history. See [AUTOTITLE](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-personal-account/unlinking-your-email-address-from-a-locked-account#unlinking-without-your-password). {% endif %} diff --git a/data/reusables/accounts/alternative-authentication-note.md b/data/reusables/accounts/alternative-authentication-note.md new file mode 100644 index 0000000000..0a11ed420b --- /dev/null +++ b/data/reusables/accounts/alternative-authentication-note.md @@ -0,0 +1,2 @@ +> [!NOTE] +> For security reasons, an authentication factor may not be available for recovery, even if you've used that authentication method with the account before. For example, SSH keys are removed from accounts after a period of inactivity and verified devices are recorded with cookies, and won't be available if your browser deletes cookies regularly. diff --git a/data/reusables/accounts/alternative-authentication.md b/data/reusables/accounts/alternative-authentication.md index 3ad34028c7..787ec2b36e 100644 --- a/data/reusables/accounts/alternative-authentication.md +++ b/data/reusables/accounts/alternative-authentication.md @@ -1,4 +1,4 @@ Choose a recovery verification factor. - - If you've used your current device to log into this account before and would like to use the device for verification, click **Verify with this device**. Device verification is recorded with cookies, and won't be available if your browser deletes cookies regularly. + - If you've used your current device to log into this account before and would like to use the device for verification, click **Verify with this device**. - If you've previously set up an SSH key on this account and would like to use the SSH key for verification, click **SSH key**. - If you've previously set up a {% data variables.product.pat_generic %} and would like to use the {% data variables.product.pat_generic %} for verification, click **{% data variables.product.pat_generic_caps %}**. diff --git a/data/reusables/accounts/request-password-reset-link.md b/data/reusables/accounts/request-password-reset-link.md new file mode 100644 index 0000000000..d44adf2cf6 --- /dev/null +++ b/data/reusables/accounts/request-password-reset-link.md @@ -0,0 +1,5 @@ +1. To request a new password, visit {% ifversion fpt or ghec %}https://{% data variables.product.product_url %}/password_reset{% else %}`https://{% data variables.product.product_url %}/password_reset`{% endif %}. +1. Enter the email address associated with your account, then click **Send password reset email.** + > [!NOTE] + > Only primary and backup email addresses can be used to request a new password. Unless you have previously chosen a specific backup email address, all verified emails are considered backup email addresses. +1. {% data variables.product.prodname_dotcom %} will email you a link that will allow you to reset your password. You must click on this link within 3 hours of receiving the email. If you didn't receive an email from us, make sure to check your spam folder. diff --git a/data/reusables/accounts/unlinking-email-address.md b/data/reusables/accounts/unlinking-email-address.md index 4c5dc7c183..0d6e20a1b2 100644 --- a/data/reusables/accounts/unlinking-email-address.md +++ b/data/reusables/accounts/unlinking-email-address.md @@ -1,5 +1,5 @@ -1. To begin unlinking an email address from the locked account, click **Start unlinking email**. -1. On the "Unlink Email" screen, click **Continue**. +1. To begin unlinking, click **Start unlinking email**. +1. On the "Email unlink" screen, click **Continue**. {% data variables.product.prodname_dotcom %} will send a verification link to each email on the account. 1. In the inbox of the email account you want to unlink, open the email with the subject "[{% data variables.product.company_short %}] Unlink this email." * Optionally, to unlink multiple email accounts, in the inbox of each account you want to unlink, open the email with the subject "[{% data variables.product.company_short %}] Unlink this email," then complete the following steps. @@ -7,5 +7,9 @@ ![Screenshot of an email from {% data variables.product.prodname_dotcom %} to unlink an email address from a {% data variables.product.prodname_dotcom %} account. A link with the text "Unlink this email" is outlined in orange.](/assets/images/help/2fa/unlink-this-email.png) -1. To finish unlinking your email, in your account settings on {% data variables.product.prodname_dotcom %}, click **Unlink**. +1. To finish unlinking your email, click **Unlink**. 1. Optionally, to create a new account and link your newly unlinked email, click **Create a new account**. + > [!NOTE] + > You can also link your unlinked email to an existing {% data variables.product.prodname_dotcom %} account. See [AUTOTITLE](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-email-preferences/adding-an-email-address-to-your-github-account). + +1. Optionally, if you have any form of payment set up on the locked account, please contact us through the {% data variables.contact.contact_support_portal %} to cancel future payments. For example, you might have a paid subscription or sponsor developers through {% data variables.product.prodname_sponsors %}. If you are sponsored through {% data variables.product.prodname_sponsors %}, please mention this so that the team can help you migrate your sponsorships. diff --git a/data/reusables/accounts/you-must-know-your-password.md b/data/reusables/accounts/you-must-know-your-password.md index e0daa499b4..ac271d50a4 100644 --- a/data/reusables/accounts/you-must-know-your-password.md +++ b/data/reusables/accounts/you-must-know-your-password.md @@ -1 +1 @@ -If you protect your personal account with two-factor authentication but do not know your password, {% ifversion 2fa-recovery-flow %} you will need to start a two-factor authentication recovery request. For more information, see [Request help with two-factor authentication](/authentication/securing-your-account-with-two-factor-authentication-2fa/recovering-your-account-if-you-lose-your-2fa-credentials#requesting-help-with-two-factor-authentication).{% else %}you will not be able to follow these steps to recover your account.{% data variables.product.company_short %} can send a password reset email to a verified address associated with your account. For more information, see [AUTOTITLE](/authentication/keeping-your-account-and-data-secure/updating-your-github-access-credentials#requesting-a-new-password).{% endif %} +If you protect your personal account with two-factor authentication but do not know your password, {% ifversion 2fa-recovery-flow %} you will need to begin with a password reset request. For more information, see [Recovering without your password](/authentication/securing-your-account-with-two-factor-authentication-2fa/recovering-your-account-if-you-lose-your-2fa-credentials#recovering-without-your-password).{% else %}you will not be able to follow these steps to recover your account.{% data variables.product.company_short %} can send a password reset email to a verified address associated with your account. For more information, see [AUTOTITLE](/authentication/keeping-your-account-and-data-secure/updating-your-github-access-credentials#requesting-a-new-password).{% endif %}