How to enable 2FA for your GitHub account
Updated June 5, 2026
A step-by-step guide on how to set up two-factor authentication (2FA) for your GitHub account using Authenticator App. With 2FA enabled, signing in requires both your password and a temporary verification code — keeping your account safe even if your password is stolen.
Download Authenticator App
First, download the Authenticator ℠ App on your Apple device. Click the button below or scan the QR code with your iPhone camera.
Get the Authenticator ℠ App
Scan the QR codes from GitHub and generate secure one-time codes.
Open your Settings
While signed in to github.com, click your profile photo in the upper-right corner of any page and choose Settings from the drop-down menu.
Enable two-factor authentication
In the left sidebar under Access, open Password and authentication. Scroll to the Two-factor authentication section and click Enable two-factor authentication.
Choose to set up using an app
Select Set up using an app as your authentication method, then click Continue to move on to the QR code.
View the QR code on GitHub
GitHub now shows a QR code that encodes your secret key on the Set up authenticator app screen. Leave this page open on your computer while you reach for your iPhone. If you can't scan it, click setup key to reveal the code for manual entry.
Scan the QR code with your Authenticator App
Open the Authenticator App on your iPhone and tap the + button. Hold your phone up to the screen to scan the QR code shown by GitHub.
Save the GitHub entry in your app
After the scan, the Authenticator App automatically picks the GitHub logo and fills in the account name and secret key. Tap Save to add the entry to your app.
Enter the 6-digit verification code
Your Authenticator App now generates a six-digit code that refreshes every few seconds. Type the current code into the field on GitHub and click Continue.
Save your recovery codes
GitHub displays a list of recovery codes that let you back into your account if you lose your phone. Click Download to store them somewhere safe, then click I have saved my recovery codes.
You're done
Two-factor authentication is now active on your GitHub account, so you'll enter a code from your Authenticator App when signing in. GitHub recommends testing it by signing out and back in.
Backup & recovery
When you enable 2FA, GitHub automatically generates a set of recovery codes. Download and store them securely (you must click "I have saved my recovery codes" to finish setup). If you lose access to your authenticator app, you can use one of these recovery codes to regain access to your account. You can later view or regenerate them under Settings > Password and authentication > Recovery codes.
That's it — your GitHub account is now protected with two-factor authentication. If you have any issues during setup, visit the official GitHub help page. Stay safe!
Related guides
Disclaimer
This content is for educational purposes only.
Begamob is not affiliated with or endorsed by GitHub. All trademarks and product names are the property of their respective owners and are used solely for identification purposes. Interface labels and menu names may change over time — when in doubt, follow the official GitHub documentation.