DO Ideas 2

Backup codes for people with 2-factor authentication enabled like google.

Currently, after talking with the DO support team, they said if I lose my phone, or it gets stolen/broken etc the only way I can get back into my account is by using a drivers license or a passport, neither of which I have or plan on having. So essentially if anything happens to my phone I am entirely and 100% screwed.

Google realises the importance of this and when you enable 2factor you can create a set of backup codes that are a one-time-only use to get logged in, at which point you can disable 2factor if you need to.

I cannot "protect" my Digital Ocean account with something that can permanently lock me out of my account forever just because I neither have or would ever send over the internet a passport or drivers license.

I strongly urge Digital Ocean to implement a backup code solution ASAP so that people can remain save and secure while having the safety net of being able to use the backup codes in conjunction with the user account password to get back into the account during a failure of 2factor technology (lost/broken phone etc).

People put the authenticator app on their phone... the same phone they receive SMS messages on... So really it is one basket to carry your eggs in. You must have a backup plan that does not force people to buy passports and send them over the internet!?!

  • Morthawt
  • Sep 11 2018
  • Shipped
  • Sep 11, 2018

    Admin Response

    We’ve made this change and announced it as part of an update to 2FA today. Changes include the ability to have downloadable codes as a backup method instead of SMS. You can check out the changes in the Security section of Settings or read more about it here: https://www.digitalocean.com/company/blog/updates-to-digitalocean-two-factor-authentication/ Thank you for the feedback!
  • Attach files
  • Anonymous commented
    September 11, 2018 16:44

    so my phone where i have the authentication app was spoiled, taht mean, i could not get in to my account? how to regain access to it?

  • Elvis commented
    September 11, 2018 16:44

    I currently have that problem. I can not enter my account for the reason that I no longer drop the codes by SMS to the cell phone. Therefore I can not enter the control panel. I already sent them mail asking for help but the answer they gave was not good at all. I am very interested in regaining access to the control panel because I have my credit card attached to it. I'm sure they'll charge me and without being able to manage my profile with digitalOcean.

  • Craig commented
    September 11, 2018 16:44

    Or at the very least, another admin should be able to disable 2fa for another user in the team

  • Craig commented
    September 11, 2018 16:44

    We have a user that hasn't got the backup codes and can now no longer access the DO account because you cannot get the 2fa diabled and authenticating by mobile instead, this is a stupid situation to not have the ability to use SMS instead of backup codes.

  • Morthawt commented
    September 11, 2018 16:44

    Very nice. Although I would have liked to have seen this planned long ago when 2-factor was being originally developed and implemented.