Commit 3659d3b5 authored by Job van der Voort's avatar Job van der Voort

Merge branch 'security' into 'master'

Added note about backing up recovery codes

Several people have tried to recover their 2FA codes. I think we could be more clear about it in the docs.

This is why I added a section about it at the top, so they read it before enabling them.

https://twitter.com/deathgreps/status/632006221814464512
https://twitter.com/benniemosher/status/633768429313372160

See merge request !1923
parents 72a425fa b04914ab
...@@ -8,6 +8,10 @@ your phone. ...@@ -8,6 +8,10 @@ your phone.
By enabling 2FA, the only way someone other than you can log into your account By enabling 2FA, the only way someone other than you can log into your account
is to know your username and password *and* have access to your phone. is to know your username and password *and* have access to your phone.
#### Note
When you enable 2FA, don't forget to back up your recovery codes. For your safety, if you
lose your codes for GitLab.com, we can't disable or recover them.
## Enabling 2FA ## Enabling 2FA
**In GitLab:** **In GitLab:**
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment