Commit 83e59db5 authored by Job van der Voort's avatar Job van der Voort

Merge branch 'rs-2fa-docs' into 'master'

Add 2FA docs

See merge request !757
parents fb59f04f 41ee2aa2
...@@ -11,6 +11,7 @@ ...@@ -11,6 +11,7 @@
- [Migrating from SVN to GitLab](migrating_from_svn.md) - [Migrating from SVN to GitLab](migrating_from_svn.md)
- [Project importing from GitHub to GitLab](import_projects_from_github.md) - [Project importing from GitHub to GitLab](import_projects_from_github.md)
- [Project importing from GitLab.com to your private GitLab instance](import_projects_from_gitlab_com.md) - [Project importing from GitLab.com to your private GitLab instance](import_projects_from_gitlab_com.md)
- [Two-factor Authentication (2FA)](two_factor_authentication.md)
- [Protected branches](protected_branches.md) - [Protected branches](protected_branches.md)
- [Change your time zone](timezone.md) - [Change your time zone](timezone.md)
- [Keyboard shortcuts](shortcuts.md) - [Keyboard shortcuts](shortcuts.md)
......
# Two-factor Authentication (2FA)
Two-factor Authentication (2FA) provides an additional level of security to your
GitLab account. Once enabled, in addition to supplying your username and
password to login, you'll be prompted for a code generated by an application on
your phone.
By enabling 2FA, the only way someone other than you can log into your account
is to know your username and password *and* have access to your phone.
## Enabling 2FA
**In GitLab:**
1. Log in to your GitLab account.
1. Go to your **Profile Settings**.
1. Go to **Account**.
1. Click **Enable Two-factor Authentication**.
![Two-factor setup](2fa.png)
**On your phone:**
1. Install a compatible application. We recommend [Google Authenticator].
1. In the application, add a new entry in one of two ways:
* Scan the code with your phone's camera to add the entry automatically.
* Enter the details provided to add the entry manually.
**In GitLab:**
1. Enter the six-digit pin number from the entry on your phone into the **Pin
code** field.
1. Click **Submit**.
If the pin you entered was correct, you'll see a message indicating that
Two-factor Authentication has been enabled, and you'll be presented with a list
of recovery codes.
## Recovery Codes
Should you ever lose access to your phone, you can use one of the ten provided
backup codes to login to your account. We suggest copying or printing them for
storage in a safe place. **Each code can be used only once** to log in to your
account.
If you lose the recovery codes or just want to generate new ones, you can do so
from the **Profile Settings** > **Acount** page where you first enabled 2FA.
## Logging in with 2FA Enabled
Logging in with 2FA enabled is only slightly different than a normal login.
Enter your username and password credentials as you normally would, and you'll
be presented with a second prompt for an authentication code. Enter the pin from
your phone's application or a recovery code to log in.
![Two-factor authentication on sign in](2fa_auth.png)
## Disabling 2FA
1. Log in to your GitLab account.
1. Go to your **Profile Settings**.
1. Go to **Acount**.
1. Click **Disable Two-factor Authentication**.
[Google Authenticator]: https://support.google.com/accounts/answer/1066447?hl=en
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment