This is an old revision of the document!
2-Factor Authentication
2-Factor Authentication is a security mechanism that requires you to enter a computer generated code from your phone every time you log into Mastodon.
We highly recommend that you set up 2-factor authentication as it prevents malicious users from logging into your account if they obtain your password.
Warning
If you lose access to your 2-factor authentication (such as by losing your phone or performing a factory reset) and you do cannot log in, you will not be able to access your account and will need to contact an instance admin to remove 2-factor authentication from your account.
Setup
- Open your settings page and navigate to the Two-factor Authentication page
- Follow instructions below to install an authenticator for your smartphone
Android
Recommended Application: Google Authenticator
-
Download the above application on your phone
-
Open the “Authenticator” app
-
Press the + button in the bottom right-hand corner
-
Press “Scan a barcode”
-
Line up the black and white QR code with the target box that appears on your camera
-
Now, whenever you log in to Mastodon, open the Authenticator app and enter the 6 digit code that appears above the “mastodon.social (email address)” text
iPhone
Recommended Application: iPhone: Authenticator by Matt Ruben
-
Download the above application on your phone
-
Open the “Authenticator” app
-
Press the + button in the bottom right-hand corner
-
Authenticator should prompt you for access to your camera- hit “OK”
-
Line up the black and white QR code with the target box that appears on your camera
-
Now, whenever you log in to Mastodon, open the Authenticator app and enter the 6 digit code that appears above the “mastodon.social (email address)” text
Disabling 2-factor Authentication
This document is licensed under the GNU Affero General Public License. The original version can be found here.