jprdonnelly/docs
1
0
Fork 0
mirror of synced 2025-12-22 03:16:52 -05:00
Code Issues Projects Releases Wiki Activity
Files
c1623f665146812b51dedab77a9b4c7b02e2e91f
docs/content/authentication/securing-your-account-with-two-factor-authentication-2fa/accessing-github-using-two-factor-authentication.md
Eli Perkins b3fee72288 [Jan 25, 2022] Add documentation for 2FA with GitHub Mobile (#24133) 
* Add documentation for 2FA with GitHub Mobile

* Fix unordered list for GitHub Mobile features

* Prefer "logging in to" over "logging into"

Co-authored-by: Brian Lovin <brianlovin@github.com>

* Indicate that GitHub Mobile is secondary

* Further indicate that GitHub Mobile is most like security keys

* Prefer "sign in" over "log in"

Co-authored-by: Zachary Sierakowski <zacharysierakowski@github.com>

* Fix unintended edit

Co-authored-by: Zachary Sierakowski <zacharysierakowski@github.com>

* Prefer active voice

Co-authored-by: hubwriter <hubwriter@github.com>

* Add missing punctuation

Co-authored-by: hubwriter <hubwriter@github.com>

* Fix phrasing of mobile 2FA CTA

Co-authored-by: hubwriter <hubwriter@github.com>

* Apply suggestions from code review

Co-authored-by: hubwriter <hubwriter@github.com>

* Prefer active voice

Co-authored-by: hubwriter <hubwriter@github.com>

* Update "secondary" phrasing for mobile 2FA

Co-authored-by: hubwriter <hubwriter@github.com>

* Add info about skipping security key

Co-authored-by: Joshua Walker <3141202+joshuawalker@users.noreply.github.com>

Co-authored-by: Brian Lovin <brianlovin@github.com>
Co-authored-by: Zachary Sierakowski <zacharysierakowski@github.com>
Co-authored-by: hubwriter <hubwriter@github.com>
Co-authored-by: Joshua Walker <3141202+joshuawalker@users.noreply.github.com>
2022-01-25 15:21:10 +00:00

92 lines
7.0 KiB
Markdown
Raw Blame History

---
title: Accessing GitHub using two-factor authentication
intro: 'With 2FA enabled, you''ll be asked to provide your 2FA authentication code, as well as your password, when you sign in to {% data variables.product.product_name %}.'
redirect_from:
- /articles/providing-your-2fa-security-code
- /articles/providing-your-2fa-authentication-code
- /articles/authenticating-to-github-using-fido-u2f-via-nfc
- /articles/accessing-github-using-two-factor-authentication
- /github/authenticating-to-github/accessing-github-using-two-factor-authentication
- /github/authenticating-to-github/securing-your-account-with-two-factor-authentication-2fa/accessing-github-using-two-factor-authentication
versions:
fpt: '*'
ghes: '*'
ghec: '*'
topics:
- 2FA
shortTitle: Access GitHub with 2FA
---
With two-factor authentication enabled, you'll need to provide an authentication code when accessing {% data variables.product.product_name %} through your browser. If you access {% data variables.product.product_name %} using other methods, such as the API or the command line, you'll need to use an alternative form of authentication. For more information, see "[About authentication to {% data variables.product.prodname_dotcom %}](/github/authenticating-to-github/about-authentication-to-github)."
## Providing a 2FA code when signing in to the website
After you sign in to {% data variables.product.product_name %} using your password, you'll be prompted to provide an authentication code from {% ifversion fpt or ghec %}a text message or{% endif %} your TOTP app.
{% data variables.product.product_name %} will only ask you to provide your 2FA authentication code again if you've logged out, are using a new device, or your session expires.
### Generating a code through a TOTP application
If you chose to set up two-factor authentication using a TOTP application on your smartphone, you can generate an authentication code for {% data variables.product.product_name %} at any time. In most cases, just launching the application will generate a new code. You should refer to your application's documentation for specific instructions.
If you delete the mobile application after configuring two-factor authentication, you'll need to provide your recovery code to get access to your account. For more information, see "[Recovering your account if you lose your two-factor authentication credentials](/articles/recovering-your-account-if-you-lose-your-2fa-credentials)"
{% ifversion fpt or ghec %}
### Receiving a text message
If you set up two-factor authentication via text messages, {% data variables.product.product_name %} will send you a text message with your authentication code.
### Verifying with {% data variables.product.prodname_mobile %}
If you have installed and signed in to {% data variables.product.prodname_mobile %}, you may choose to authenticate with {% data variables.product.prodname_mobile %} for two-factor authentication.
1. Sign in to {% data variables.product.product_name %} with your browser, using your username and password.
2. If you have added a security key to your account, you'll first be prompted to insert and use a security key. To skip using a security key, click **Authenticate with {% data variables.product.prodname_mobile %}**.
![Two-factor authentication challenge on {% data variables.product.product_name %} with "Authenticate with {% data variables.product.prodname_mobile %}" highlighted](/assets/images/help/2fa/2fa-select-mobile.png)
3. {% data variables.product.product_name %} will send you a push notification to verify your sign in attempt. Opening the push notification or opening the {% data variables.product.prodname_mobile %} app will display a prompt, asking you to approve or reject this sign in attempt.
{% note %}
**Note**: This prompt may require you to enter a two-digit number displayed within the browser you are signing in to.
{% endnote %}
![Two-factor authentication challenge with {% data variables.product.prodname_mobile %} requiring a two-digit input](/assets/images/help/2fa/2fa-mobile-number-challenge.png)
- Upon approving the login attempt using {% data variables.product.prodname_mobile %}, your browser will complete the sign in attempt automatically.
- Rejecting the sign in attempt will prevent the authentication from finishing. For more information, see "[Keeping your account and data secure](/authentication/keeping-your-account-and-data-secure)."
{% endif %}
## Using two-factor authentication with the command line
After you've enabled 2FA, you must use a personal access token or SSH key instead of your password when accessing {% data variables.product.product_name %} on the command line.
### Authenticating on the command line using HTTPS
After you've enabled 2FA, you must create a personal access token to use as a password when authenticating to {% data variables.product.product_name %} on the command line using HTTPS URLs.
When prompted for a username and password on the command line, use your {% data variables.product.product_name %} username and personal access token. The command line prompt won't specify that you should enter your personal access token when it asks for your password.
For more information, see "[Creating a personal access token](/github/authenticating-to-github/creating-a-personal-access-token)."
### Authenticating on the command line using SSH
Enabling 2FA doesn't change how you authenticate to {% data variables.product.product_name %} on the command line using SSH URLs. For more information about setting up and using an SSH key, see "[Connecting to {% data variables.product.prodname_dotcom %} with SSH](/articles/connecting-to-github-with-ssh/)."
## Using two-factor authentication to access a repository using Subversion
When you access a repository via Subversion, you must provide a personal access token instead of entering your password. For more information, see "[Creating a personal access token](/github/authenticating-to-github/creating-a-personal-access-token)."
## Troubleshooting
If you lose access to your two-factor authentication credentials, you can use your recovery codes or another recovery method (if you've set one up) to regain access to your account. For more information, see "[Recovering your account if you lose your 2FA credentials](/articles/recovering-your-account-if-you-lose-your-2fa-credentials)."
If your authentication fails several times, you may wish to synchronize your phone's clock with your mobile provider. Often, this involves checking the "Set automatically" option on your phone's clock, rather than providing your own time zone.
## Further reading
- "[About two-factor authentication](/articles/about-two-factor-authentication)"
- "[Configuring two-factor authentication](/articles/configuring-two-factor-authentication)"
- "[Configuring two-factor authentication recovery methods](/articles/configuring-two-factor-authentication-recovery-methods)"
- "[Recovering your account if you lose your two-factor authentication credentials](/articles/recovering-your-account-if-you-lose-your-2fa-credentials)"
Reference in New Issue View Git Blame Copy Permalink