Kwatanta Nazarce-nazarce

2fa, 2step

Enable two-step authentication to protect your Mozilla account from unauthorized access. Learn how.

Two-step authentication (also known as two-factor authentication or 2FA) adds an extra layer of protection to your Mozilla account, especially if your password is compromised. Once enabled, signing in requires both your password and a unique authentication code generated by an authenticator app. This prevents unauthorized access to your account even if someone knows your password. __TOC__ =How do I enable two-step authentication?= ==Step one - Choose an authenticator app== Before you get started, install the authenticator application of your choice. Here are some options (this is not an exclusive list of supported applications): *Ente Auth: [https://github.com/ente-io/ente/releases?q=tag%3Aauth-v4 GitHub] (Windows, Linux, Android & macOS), [https://apps.apple.com/us/app/ente-auth/id6444121398 App Store] (iOS), [https://play.google.com/store/apps/details?id=io.ente.auth Google Play] & [https://f-droid.org/packages/io.ente.auth/ F-Droid] (Android). The basic [https://auth.ente.io web version] is only for those who downloaded the above apps. Includes backups. *Zoho OneAuth: [https://play.google.com/store/apps/details?id=com.zoho.accounts.oneauth Android], [https://apps.apple.com/us/app/authenticator-app-oneauth/id1142928979 iOS & macOS], [https://apps.microsoft.com/detail/9npg98qlh8jn Windows]. Includes backups. *Twilio Authy Authenticator: [https://play.google.com/store/apps/details?id=com.authy.authy Android], [https://apps.apple.com/us/app/twilio-authy/id494168017 iOS & macOS]. Includes backups. *Google Authenticator: [https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2 Android], [https://apps.apple.com/us/app/google-authenticator/id388497605 iOS & macOS]. *Duo Mobile: [https://play.google.com/store/apps/details?id=com.duosecurity.duomobile Android], [https://apps.apple.com/us/app/duo-mobile/id422663827 iOS & macOS]. *FreeOTP: [https://play.google.com/store/apps/details?id=org.fedorahosted.freeotp Android], [https://apps.apple.com/us/app/freeotp-authenticator/id872559395 iOS & macOS]. *KeepassXC: [https://keepassxc.org/download/#linux Linux], [https://keepassxc.org/download/#mac macOS], [https://keepassxc.org/download/#windows Windows]. {note}'''Note:''' A backup is a stored copy of data that can be used to restore the original after data loss.{/note} ==Step two - Connect your authenticator app== Now that one of the applications is installed, you can set up two-step authentication for your Mozilla account: [[Image:Add 2fa button]] #Sign in to your [https://accounts.firefox.com Mozilla account], then open your [https://accounts.firefox.com/settings Mozilla account settings]. Alternatively, click your Mozilla account in the Firefox toolbar and select '''Manage account'''. #*You can also click the menu [[Image:TB68_Hamburger_Menu_Button_Win]] button in Firefox, select your Mozilla account, and then click '''Manage account'''. #On the Mozilla accounts page, under ''Security'', click the {button Add} button next to '''Two-step authentication'''. #Open the authenticator app of your choice and scan the QR code that appears on your computer. #;[[Image:Step 1 of 3|width=350]] #*You can also click '''Can’t scan code?''' to display a code you can enter manually into your authenticator app. #;{note}'''Tip:''' If you are entering the code manually on Authy, search Mozilla to get the latest logo.{/note} #Enter the code generated by the authenticator app into the field below the QR code, and click {button Continue}. #;[[Image:Now enter authentication code|width=350]] ==Step three – Set up a recovery method== At this step, you’ll be asked to set up a recovery method for your Mozilla account. This is '''required''' to complete two-step authentication (2FA) setup. Most users will see a list of backup authentication codes at this step but, depending on your eligibility, you may see a prompt allowing you to choose between: *'''Backup authentication codes''' – a list of one-time use codes to save in a secure location. *'''Recovery phone''' – a phone number that can receive a one-time password (OTP) via SMS if you lose access to your authenticator app. {note}'''Important:''' If you lose access to your authenticator app, haven't saved your backup authentication codes, or haven’t set up a recovery phone, you will be '''locked out''' of your account and won’t be able to access your synced data, including saved passwords, bookmarks and settings.{/note} ===Backup authentication codes=== #A list of one-time use backup authentication codes will be displayed. These codes can be used in the event you lose access to the authenticator app you just set up. #;[[Image:Backup codes|width=350]] #Download, copy or print your backup authentication codes, and save them in a safe place. Click {button Continue}. #Paste one of the codes to confirm that you have saved them (if you haven't, click the arrow on the left to go back to the list of codes). #;[[Image:Step 2 Finish|width=350]] #Click {button Finish}. The setup of two-step authentication on your Mozilla account is now complete! ==Recovery phone== [[Template:progressiverollout]] A new optional feature, initially available to users in the US and Canada, allows you to add a recovery phone number to your account. If you lose access to your authenticator app, you can request a one-time password (OTP) via SMS to regain access to your Mozilla account. ;[[Image:Enabled 2fa add phone|width=800]] {warning}'''Security warning:''' While this provides an additional recovery option, it also comes with the risk of SIM swap attacks. Attackers can trick your mobile carrier into transferring your phone number to a new SIM card, allowing them to receive your 2FA codes and access your account. SMS messages can also be intercepted by certain types of attacks, making them less secure than other 2FA methods.{/warning} Follow the steps below to set up your recovery phone number: #Enter your phone number. #Click the {button Send code} button to receive the verification code in a text message to confirm your number. #;[[Image:Add a recovery phone number|width=350]] #Enter the six-digit code, and click {button Confirm}. #;[[Image:Enter verification code|width=350]] #Recovery phone will now be available as a recovery method in the event that you can’t use your authenticator app to sign in. Rate limits may apply. #;[[Image:Recovery phone saved|width=800]] ===How to remove your recovery phone number=== You can remove your recovery phone number from your Mozilla account settings. Follow the steps below to learn how. #Sign in to your [https://accounts.firefox.com Mozilla account], then open your [https://accounts.firefox.com/ Mozilla account settings]. #In the ''Security'' section, go to '''Recovery Phone'''. #Click the [[Image:IG trash]] button. #You will be asked to confirm that you want delete your recovery phone number. Please note that a recovery method is required for 2FA - if you want to remove your phone number, you may need to create a set of backup authentication codes before being allowed to proceed. Alternatively, you may choose to change your phone number or to disable two-step authentication entirely. =Related articles= *[[What if I'm locked out of Two-Step Authentication?]] *[[Change your two-step authentication device for your Mozilla account]] *[[Review your Mozilla account activity and protect your data]]