Recovery Codes
Overview
Recovery Codes act as a backup authentication method when a user is unable to access their primary 2FA method.
This can happen in cases like:
- Lost or unavailable device
- No access to authenticator app
- Temporary technical issues
In such situations, recovery codes allow users to securely log in.
How It Works
- Each user is provided with 8 recovery codes
- Each code:
- Is 15 digits long
- Can be used only once
- Users can download and store these codes for future use
- If new recovery codes are generated:
- All previously generated codes become invalid
Using a Recovery Code
- Go to the login page
- Enter username/email and password
- When prompted for 2FA: Select Recovery Code option
- Enter one of the saved recovery codes
- On successful verification → user is logged in
Example Scenario
If a user loses access to their phone (with the authenticator app), they can still log in using a saved recovery code and then reconfigure 2FA.