Content deleted Content added
Replace "scratch code" -> "recovery code" per phab:T354031 |
|||
| (8 intermediate revisions by 5 users not shown) | |||
Line 23:
{{shortcut|H:ACCESS2FA}}
On the English Wikipedia, the following groups automatically have access to 2FA:
* [[Wikipedia:Administrators|Administrators]]<ref>Additionally, [[Wikipedia:Bureaucrats|bureaucrats]], [[Wikipedia:CheckUser|checkusers]], [[Wikipedia:Interface administrators|interface administrators]], and [[Wikipedia:Oversight|oversighters]] have access, but these groups normally only include administrators.</ref>
* [[Wikipedia:Edit filter|Edit filter managers]]
* [[Wikipedia:Page mover|Page movers]]
* [[Wikipedia:Template editor|Template editors]]
If you are not in one of these groups, you need to submit a request at [[:m:Steward requests/Global permissions#Requests for 2 Factor Auth tester permissions]] to obtain access to 2FA (see [[m:Steward requests/Global permissions/2022-12#Requests_for_2_Factor_Auth_tester_permissions|request examples]]), explicitly mentioning that you have read [[meta:Help:Two-factor authentication|Help:Two-factor authentication on Meta]] (which is '''not''' the page you're reading now). Most users need to request access before they can use 2FA.
Line 50:
#** Android: Download from [https://play.google.com/store/apps/details?id=com.beemdevelopment.aegis Google Play] or [https://f-droid.org/en/packages/com.beemdevelopment.aegis/ F-Droid]
#* '''[https://support.apple.com/en-us/guide/iphone/ipha6173c19f/ios Apple Passwords]''' (iOS)
#* '''[https://github.com/andOTP/andOTP AndOTP]''' (Android): free and open-source (development discontinued<ref>{{cite web |author=((flocke000)) |title=[Unmaintained][App][4.4+][Open source] andOTP - Open source two-factor authentication for Android |url=https://forum.xda-developers.com/t/unmaintained-app-4-4-open-source-andotp-open-source-two-factor-authentication-for-android.3636993/post-87021655 |website=forum.xda-developers.com |access-date=2022-11-09 |date=2022-06-14}}</ref>)
#** Android: Download from [https://play.google.com/store/apps/details?id=org.shadowice.flocke.andotp Google Play]
#* '''[https://mattrubin.me/authenticator/ Authenticator]''' (iOS): free and open-source
#** iOS: Download from the [https://apps.apple.com/us/app/authenticator/id766157276 App Store]
#*[https://ente.io/auth/ '''Ente Auth'''] (Android, iOS): free and open source. Allows viewing (but not adding) 2FA details on web/PC.
#* '''[[FreeOTP]]''' (Android, iOS): free and open-source
#** Android: Download from [https://play.google.com/store/apps/details?id=org.fedorahosted.freeotp Google Play] or [https://f-droid.org/packages/org.fedorahosted.freeotp/index.html.en F-Droid]
Line 65 ⟶ 66:
#*'''Numberstation'''
#**True Linux on mobile (Mobian, Ubuntu Touch, and [[Mobile operating system#Fully open-source, mixed copyleft and permissive licenses| similar OSes]], but ''not'' Android): Install through your [[package manager]], either in the command terminal, or via [[AppStream]] (if you have it installed) with the button [https://linuxphoneapps.org/apps/org.postmarketos.numberstation/ here].
# Go to [[Special:Manage Two-factor authentication]]. Click "Enable" next to "TOTP (one-time token)", and log in with your username and password.
# The recommended authentication method is to scan a [[QR code]] in the app. In "Step 2" of the setup page, there is a box with a pattern which you have to point your device's camera toward. (Your device might ask you for permission to use the camera first.)
Line 140:
== Changing your authentication device ==
For any reason you may want to change your authentication device. This could be to move your authentications to a replacement computer or mobile device (for example if you buy a new smartphone). There is not currently a ''transfer'' function,<ref>[[phab:T172079]] is open to request a transfer function</ref> however you may accomplish this by [[#Disabling_2FA|turning off 2FA]], and then re-enrolling with your new device. Some applications also support cross-device synchronisation, or allow you to export 2FA details to be imported in another app.
== Recovery codes ==
Line 205:
=== Clock drift ===
If your 2FA device's [[Clock drift|clock becomes too inaccurate]], it will generate the wrong verification codes and you will not be able to log in. To prevent this, the 2FA device's clock should be kept reasonably accurate. Most smartphones and computers keep the clock in sync when they are connected to the Internet, and you will most likely not have to do anything as long as your device is online.
=== Users who are not in certain user groups ===
Currently users who are not Administrators <ref>Additionally, [[Wikipedia:Bureaucrats|bureaucrats]], [[Wikipedia:CheckUser|checkusers]], [[Wikipedia:Interface administrators|interface administrators]], and [[Wikipedia:Oversight|oversighters]] have access, but these groups normally only include administrators.</ref>
Edit filter managers, Page movers, and/or Template editors will have to submit a request at [[:m:Steward requests/Global permissions#Requests for 2 Factor Auth tester permissions]] to obtain access to 2FA (see [[m:Steward requests/Global permissions/2022-12#Requests_for_2_Factor_Auth_tester_permissions|request examples]]) this means most users will have to submit a request there.
== WebAuthn ==
[[File:Two-factor authentication on Wikimedia as of 2025 with WebAuthn screenshot.webp|thumb|Configuring WebAuthn as two-factor authentication]]
[[mw:Extension:WebAuthn|WebAuthn]] is another two-factor mechanism that may be enabled; it is currently not recommended as there is [[phab:T244348|no recovery mechanism]] for lost keys and it has less support from community volunteers. If you use WebAuthn and have a technical issue, you may lose access to your account forever.
WebAuthn is not currently supported on the mobile apps (see [[phab:T230043|T230043]]).
| |||