Your Backup codes - Important

Commissario
Joined
16 Oct 2002
Posts
342,938
Location
In the radio shack
When you first set up 2FA on your forum account, you'll have been offered a set of backup codes. You can use these codes to get back into your account if you have a problem with the authentication method. If you change your phone and don't transfer it over, if you delete the app, or if anything else happen to cause you problems with the authenticator, these backup codes can help get you back into your account quickly and easily without having to contact us.

We know from experience that many people don't save these backup codes or they forget where they've saved them or they save them on their phone, which they then wipe when they upgrade. Or they put them in a text document on their PC and promptly forget about them.

Please, please make sure you've got a copy of the backup codes for your account and that you know where they are.

Click on your name in the top right, select Password and security, click the change button next to Two-step verification, enter your password when prompted and then click the Manage button next to Backup codes.

Take a copy of these codes, save them somewhere that they're accessible. Save them to your One Drive, your Google Drive, your iCloud. If you have a password manager, save them in the 'notes' section of your OcUK account. If you just save passwords on a text document somewhere, save them in there as well. If you have a 'contacts' app that syncs with the cloud, save them under your own name. Put them on the USB stick you have hanging from your keyring.

I'm sure you get the idea here, save these codes somewhere safe where you can access them on multiple devices.

Also check this while you're in your account settings.

This will not just benefit you recovering your account on the OcUK forum. When you set up 2FA anywhere, you should be offered backup codes. Save them. If you lose your 2FA authenticator for any reason, you'll need to contact every single place you have 2FA enabled to recover your account which will be a major pain in the arse. For your own sanity, always save 2FA backup codes when offered by any site.
 
It’s not just OCUK, nearly every site that uses 2FA via an Authenticator will issue codes, save them all.
This.

Imagine you lose your authenticator app and you're signed up to [say] twenty places using 2FA. If you don't have your backup codes, you're going to have to make the effort to contact each and every one of those places to recover your account. If you have your backup codes, you won't need to do this.

Since the 19th November, we've had seventeen members contact us to help get back into their account. Seventeen! No doubt those seventeen people have had to contact multiple other places to recover their accounts.

Please, please save the backup codes. Please.
 
Backup codes just logged me in and didn't ask to reset. Prior to the codes I reset the 2FA authenticator on my PC. It's those new auth codes that were rejected when I tried to login on my phone.

Do I need to re-reset them?
I would disable and re-enable 2FA on your account then make sure you save the new set of backup codes you’re given.

/edit - if you have problems either start a thread in FCD or (if you get locked out) use the ‘contact’ thing at the bottom of the page but you should be OK.
 
^^ this is why I never grab firstname.secondname I used to but then realised people will spam it a lot more so I deleted it and got a different one.
I learned this the hard way, except to the extreme. I signed up on the first day that BT Internet went live and my original email address was simply [email protected]. Can you imagine how much rubbish I used to get.
 
I wish I knew what it would take to get people to save their codes. Despite that huge announcement that we regularly reset to force it to show again, I still get a minimum of four requests a week to disable 2FA because members have changed phones, lost phones, lost their authenticator app etc.

The crazy thing is that it doesn't just affect them logging in here, they'll have lost access to every single site they access with 2FA.
 
I can see from the support emails that there have been FOUR more instances already this week where people haven't saved their backup codes, have changed phones and lost their 2FA. It's only Wednesday.

For goodness sake, save the damn codes!
 
Back
Top Bottom