Page MenuHomePhabricator

Phabricator multi-factor auth (2fa) should provide printable recovery codes
Open, Needs TriagePublic

Description

Phabricator's multi-factor auth doesn't provide any way to recover or reset the configuration as a user; it's fairly standard to be able to reset them from one-time-use codes printed or saved during setup or after.

Because of this, when my phone died recently and needed to be replaced, Phabricator was the only dev tool that I needed to ask for manual intervention from a sysadmin to reconfigure.

Prior art examples:

  • GitHub lets you download or print one-time-use codes
  • Google lets you download or print one-time-use codes
  • MediaWiki lets you print one-time reset codes at setup time