# Two-factor authentication (2FA)

#### 2FA (two-factor authentication) is a security method that requires two verification factors to confirm a user’s identity, making accounts much harder to compromise even if a password is stolen.

***

## General information

**GitProtect** supports two-factor authentication (aka **2FA**, multi-factor authentication, **MFA**) based on an authenticator application. To use **2FA** with your **GitProtect** account, you have to first enable **MFA** in your **GitProtect Management Service** admin panel, and then set it up.

## Enabling 2FA in GitProtect

{% stepper %}
{% step %}
Click your profile icon in the top-right corner of your **Management Service** panel and select **Account**.

<figure><img src="https://696332517-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FtsE6XtJyUIEKVdSxPlS3%2Fuploads%2FRnNYGPuyUiYGYIZvTaAF%2Fimage.png?alt=media&#x26;token=ee5a38e7-f2e5-449c-a1cb-ccfbf078f52b" alt=""><figcaption><p><em>Account settings in GitProtect.</em></p></figcaption></figure>
{% endstep %}

{% step %}
Toggle **Two-factor authentication** button and click **Save** in the bottom-right.

<figure><img src="https://696332517-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FtsE6XtJyUIEKVdSxPlS3%2Fuploads%2FqbXIZcikNh1OmGo7BRzo%2Fimage.png?alt=media&#x26;token=d6797c09-f656-42d1-95bb-551249cbef13" alt=""><figcaption><p><em>2FA option turned on.</em></p></figcaption></figure>
{% endstep %}

{% step %}
You will see the change confirmation in the top-right corner of the screen. Once done, log out of your **Management Service**, then log back in to trigger **2FA** setup.
{% endstep %}
{% endstepper %}

***

## 2FA setup in GitProtect

{% hint style="danger" %}
With **2FA** turned on in **Management Service**, you will be prompted to complete the authenticator app setup during your next login. All subsequent logins will require a successful two-factor verification.
{% endhint %}

{% stepper %}
{% step %}
Scan the QR code or copy the secret key to your authenticator app. Enter the code from your authenticator app in the designated fields. Once done, click **Verify now** to finish the application setup.

<figure><img src="https://696332517-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FtsE6XtJyUIEKVdSxPlS3%2Fuploads%2Fd7hVtRMnTWGW0tEJGdrS%2Fimage.png?alt=media&#x26;token=b4645636-1f22-41f4-bfbd-304bac59303d" alt=""><figcaption></figcaption></figure>
{% endstep %}

{% step %}
If the verification is successful, you will see a confirmation message.

Below the message you will find your recovery codes — save them before you go to the management console app. If you fail o save the codes right away, you can generate them later in your **Management Service** account settings.

<figure><img src="https://696332517-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FtsE6XtJyUIEKVdSxPlS3%2Fuploads%2FpM2CdGwL3UPObZuCmTgw%2Fimage.png?alt=media&#x26;token=d9bc5e10-7160-42cb-895b-b96b9462daee" alt=""><figcaption></figcaption></figure>
{% endstep %}

{% step %}
Your **MFA** setup is now complete. Next time you login to your **Management Service** panel, you will be prompted to verify yourself with **MFA**.
{% endstep %}
{% endstepper %}

***

## Recovery codes

If you lose access to your authenticator app, you can log in to **Management Service** using one of the recovery codes generated during 2FA setup.

{% hint style="danger" %}
**Each code is valid for a single login only** — once used, it expires.
{% endhint %}

Unused codes do not expire over time; they remain active until used or until new codes are generated, either manually or by re-registering the **2FA**.

If you have used several codes or suspect they have been compromised, you can generate a new set by going to ⚙️ **Settings** > **Accounts** > **Edit account** and clicking **Generate recovery codes** button.

<figure><img src="https://696332517-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FtsE6XtJyUIEKVdSxPlS3%2Fuploads%2F43a78ZyLJS7F1eRyOOkT%2FMulti-factor%20authentication%20-%20Generate%20new%20codes.png?alt=media&#x26;token=543d6ebe-70a9-4085-ac98-ad05d88f3ca9" alt=""><figcaption></figcaption></figure>

***

## Reconfiguring the authenticator app

{% stepper %}
{% step %}
Log in to your account (use a recovery code if your authentication device is lost or otherwise unavailable).
{% endstep %}

{% step %}
Go to **⚙️ Settings** > **Accounts** > **Edit account**.
{% endstep %}

{% step %}
Toggle **Two-factor authentication** off to disable it and **save the change**. Then toggle it back on and **save the change again**.

<figure><img src="https://696332517-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FtsE6XtJyUIEKVdSxPlS3%2Fuploads%2FTqghmR6iAgbUlLQIDyX4%2FMulti-factor%20authentication%20-%20Disable%202fa.png?alt=media&#x26;token=91fdb909-307a-417d-9a3a-235d3b7a5910" alt=""><figcaption></figcaption></figure>
{% endstep %}

{% step %}
Your 2FA configuration is now reset. During your next sign-in, you will be prompted to complete the authenticator app setup.
{% endstep %}
{% endstepper %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://helpcenter.gitprotect.io/login-and-password/two-factor-authentication-2fa.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.