Recovery Codes
Recovery codes are single-use backup codes that let you sign in when you can't access your authenticator app.
When You Get Recovery Codes
Recovery codes are displayed automatically when you first enable MFA. They appear in a two-column grid with a Copy all button. Save them in a secure location before clicking Done.
Using a Recovery Code
Recovery codes can be used in place of your 6-digit TOTP code during sign-in:
- On the Enter verification code screen, enter a recovery code in the Code field instead of your 6-digit TOTP code.
- Click Verify.
After a recovery code is used, it becomes invalid and cannot be used again.
Checking Remaining Codes
Navigate to Security in the sidebar. In the Two-Factor Authentication section, you'll see Recovery codes remaining: X showing how many unused codes you have left.
Regenerating Recovery Codes
If you've used most of your codes or want to invalidate the existing ones:
- Navigate to Security in the sidebar.
- In the Two-Factor Authentication section, click Regenerate Recovery Codes.
- New codes are displayed in a two-column grid.
- Click Copy all to save them, then click Done.
Regenerating codes invalidates all previous recovery codes. Make sure to save the new ones.
Best Practices
- Store securely — Keep recovery codes in a password manager or encrypted storage
- Don't share — Recovery codes are equivalent to your password + MFA combined
- Regenerate when low — If you have fewer than 2 codes remaining, regenerate them
- Print a backup — Consider printing codes and storing them in a secure physical location
Next Steps
- MFA Setup — Enable or disable MFA
- Change Password — Update your password
API Reference: For programmatic access, see Recovery Codes.