विकिमीडियाचाटू-फॅक्टर ऑथेंटिकेशन'' (2FA) ची अंमलबजावणी हा तुमच्या खात्याची सुरक्षा मजबूत करण्याचा एक मार्ग आहे. तुम्हीटू-फॅक्टर ऑथेंटिकेशन सक्षम केल्यास, तुम्हाला तुमच्या पासवर्ड व्यतिरिक्त प्रत्येक वेळी एक-वेळचा सहा-अंकी प्रमाणीकरण कोड विचारला जाईल. हा कोड तुमच्यास्मार्टफोन किंवा इतर प्रमाणीकरण उपकरणावरील ॲपद्वारे प्रदान केला जातो. लॉग इन करण्यासाठी, तुम्हाला तुमचा पासवर्ड माहित असणे आवश्यक आहे आणि कोड व्युत्पन्न करण्यासाठी तुमचे प्रमाणीकरण डिव्हाइस उपलब्ध असणे आवश्यक आहे.
Two-factor authentication on Wikimedia is currently experimental and optional (with some exceptions). Enrollment requires(oathauth-enable) access, currently in production testing withadministrators (and users with admin-like permissions likeinterface editors),bureaucrats,checkusers,oversighters,stewards,abuse filter helpers andmaintainers, and theOATH-testers global group (now renamed "two-factor authentication testers").
As of October 2025, Wikimedia is requiring 2FA for some user groups, and increasing the number of users who can opt-in to 2FA. See theAccount security project page for details.
 | WARNING: You will also be presented with a series of 10 one-timerecovery codes.You should print and safely store a copy of this page. If you lose or have a problem with your TOTP client, you will be locked out of your account unless you have access to these codes. |
If you choose this option when logging in, you normally will not need to enter an authentication code when using the same browser. Actions such as logging out or clearing browser cookies will require a code on your next login.
Some security sensitive actions, such as changing your email address or password, may require you to re-authenticate with a code even if you chose theमला नोंदीकृतच (लॉग्ड-ईन) ठेवा option.
Two-factor authentication is not utilized when usingOAuth orbot passwords to log in via theAPI.
You may use OAuth or bot passwords to restrict API sessions to specific actions, while still using two-factor authentication to protect your full access. Please note, OAuth and bot passwords can not be used to log on interactively to the website, only to the API.
For example, tools likeAutoWikiBrowser (AWB) do not yet support two-factor authentication, but can use bot passwords. You may findfurther information on how to configure this.
| If you already have 2FA enabled, removing the permission that allows you to enroll in 2FAWILL NOT disable 2FA. You need to follow the process below to disable it. |
When enrolling in two-factor authentication, you will be provided with a list of ten one-time recovery codes.Please print those codes and store them in a safe place, as you may need to use them in case you lose access to your 2FA device. It is important to note that each of these codes issingle use; it may only ever be used once and then expires. After using one, you can scratch it through with a pen or otherwise mark that the code has been used. To generate a new set of codes, you will need to disable and re-enable two-factor authentication.
This may requiretwo recovery codes: one to log in, and another to disable. Should you ever need to use any of your recovery codes, it is advisable to disable and re-enable to generate a fresh set of codes as soon as possible.
If you have an existing 2FA device which has simply stopped generating the correct codes, check that its clock is reasonably accurate. Time-based OTP on our wikis has been known to fail with 2 minutes difference.
You will need access to the recovery codes that you were provided when enrolling in order to un-enroll from two-factor authentication. It will require you to use up totwo recovery codes to accomplish this:
If you don't have enough recovery codes, you may contactTrust and Safety at ca
wikimedia.org to request removal of 2FA from your account (please send an email using your registered email address of your wiki account). You should also create a task onPhabricator if you still have access to it. Please note, 2FA removal by staff is not always granted.
Seewikitech:Password and 2FA reset#For users for instructions on requesting 2FA removal for yourDeveloper account.
Please note, most of the directions on this page are specific to the TOTP method. TheWebAuthn method is more experimental and currently has no recovery options (cf.related developer task). WebAuthn is not currently available for use via mobile apps (T230043).
A similar, but distinct authentication system which asks for a one-time email code may apply during log-in in certain situations. This is theEmailAuth extension. In general, users enrolled in two-factor authentication will be exempted from EmailAuth.