codingstuff.io
ExploreTutorialsProblemsCS Subjects
Get Started
ExploreTutorialsProblemsCS Subjects
Get Started
codingstuff.io

Master the art of building software through interactive tutorials, real-world problems, and guided projects.

Pune, Maharashtra, India

codingstuffmail@gmail.com

Product

  • Explore
  • Tutorials
  • Problems
  • CS Subjects

Company

  • About
  • Contact
  • Privacy Policy
  • Terms & Conditions
  • Sitemap

© 2026 codingstuff.io. All rights reserved.

Built with ❤️ for developers everywhere

/
/
All Tutorials
📦

Git & GitHub

57 / 63 topics
55Security Best Practices for Git and GitHub56Using SSH Keys with Git and GitHub57Enabling Two-Factor Authentication on GitHub58Auditing Repository Activity on GitHub
Tutorials/Git & GitHub/Enabling Two-Factor Authentication on GitHub
📦Git & GitHub

Enabling Two-Factor Authentication on GitHub

Updated 2026-04-20
4 min read

Enabling Two-Factor Authentication (2FA) on GitHub

Introduction

Two-Factor Authentication (2FA) is an essential security measure that adds an extra layer of protection to your GitHub account. By enabling 2FA, you ensure that even if someone gains access to your password, they would still need a second form of verification to log in. This tutorial will guide you through the process of setting up 2FA on GitHub using both authentication apps and SMS.

Prerequisites

Before you begin, make sure you have the following:

  • A GitHub account with administrative privileges.
  • Access to your mobile phone for receiving SMS codes or installing an authentication app like Google Authenticator or Authy.

Step-by-Step Guide

Step 1: Sign In to Your GitHub Account

  1. Open your web browser and navigate to GitHub.
  2. Enter your username and password to log in to your account.

Step 2: Access Security Settings

  1. Once logged in, click on your profile picture or avatar in the top-right corner of the page.
  2. From the dropdown menu, select Settings.
  3. In the sidebar on the left, click on Security.

Step 3: Enable Two-Factor Authentication

  1. Under the "Two-factor authentication" section, click on Enable two-factor authentication.
  2. You will be prompted to choose your method of receiving verification codes. You can select either:
    • Authentication app: Use an app like Google Authenticator or Authy to generate time-based one-time passwords (TOTPs).
    • SMS: Receive a code via text message sent to your phone.

Option A: Using an Authentication App

  1. Download and Install an Authentication App:

    • For Android, download Google Authenticator or Authy.
    • For iOS, download Google Authenticator or Authy.
  2. Scan the QR Code:

    • After installing the app, open it and select Set up account.
    • Choose Scan a barcode and use your phone's camera to scan the QR code displayed on GitHub.
  3. Enter the Verification Code:

    • The app will generate a 6-digit verification code every 30 seconds.
    • Enter this code into the GitHub setup page to verify that you have access to the app.

Option B: Using SMS

  1. Enter Your Phone Number:

    • In the GitHub setup page, enter your phone number where you want to receive the SMS codes.
    • Click on Send code and wait for the text message with the verification code.
  2. Enter the Verification Code:

    • Open the text message from GitHub and copy the 6-digit code.
    • Enter this code into the GitHub setup page to verify that you have access to your phone number.

Step 4: Save Recovery Codes

  1. After successfully setting up 2FA, GitHub will provide you with a set of recovery codes.

  2. Download or Print the Recovery Codes:

    • These codes can be used to regain access to your account in case you lose access to your authentication app or phone.
    • Click on Download to save them as a PDF file or print them out.
  3. Store the Recovery Codes Securely:

    • Keep these codes in a safe place, such as a password manager or physical wallet.
    • Do not share these codes with anyone and do not store them digitally unless you have strong encryption in place.

Step 5: Complete the Setup

  1. Once you have verified your second factor, click on Enable to complete the setup of 2FA.
  2. You will be prompted to re-authenticate using your new 2FA method. Follow the instructions to log in again.

Best Practices

  • Use a Strong Password: Ensure that your GitHub password is strong and unique. Consider using a password manager to generate and store complex passwords.

  • Regularly Update Recovery Codes: If you lose access to your authentication app or phone, regenerate new recovery codes from the GitHub Security settings.

  • Enable 2FA for All Accounts: It's recommended to enable 2FA on all your accounts, not just GitHub. This includes email, financial, and social media accounts.

  • Use a Hardware Token (Optional): For added security, consider using a hardware token like a YubiKey or U2F key. These devices provide an additional layer of protection beyond software-based authentication apps.

Troubleshooting

I Lost Access to My Authentication App or Phone

  1. Use Recovery Codes: If you have saved your recovery codes, use one of them to log in to GitHub.
  2. Disable 2FA Temporarily: If you cannot access your recovery codes, contact GitHub support to disable 2FA temporarily. You will need to provide proof of identity.

I Cannot Scan the QR Code

  1. Manual Entry: If you are unable to scan the QR code, you can manually enter the secret key provided by GitHub into your authentication app.
    • Open your app and select Set up account.
    • Choose Enter a setup key and paste or type the secret key from GitHub.

Conclusion

Enabling Two-Factor Authentication on GitHub is a simple yet effective way to enhance the security of your account. By following this tutorial, you have successfully added an extra layer of protection against unauthorized access. Remember to regularly review your security settings and stay informed about best practices for online security.


PreviousUsing SSH Keys with Git and GitHubNext Auditing Repository Activity on GitHub

Recommended Gear

Using SSH Keys with Git and GitHubAuditing Repository Activity on GitHub