8000 Create changelog for recovery codes (#25693) · cloudflare/cloudflare-docs@08e24c8 · GitHub
[go: up one dir, main page]
Skip to content

Commit 08e24c8

Browse files
jhutchings1jhutchings1
authored
Create changelog for recovery codes (#25693)
1 parent 88400cb commit 08e24c8

File tree

1 file changed

+23
-0
lines changed

1 file changed

+23
-0
lines changed

src/content/changelog/fundamentals/2025-10-07-recovery-codes.mdx

Lines changed: 23 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,23 @@
1+
---
2+
title: Automated reminders for backup codes
3+
description: Cloudflare reminds you to download your 2FA recovery keys
4+
products:
5+
- fundamentals
6+
date: 2025-10-07
7+
---
8+
9+
The most common reason users contact Cloudflare support is lost two-factor authentication (2FA) credentials. Cloudflare supports both app-based and hardware keys for 2FA, but you could lose access to your account if you lose these. Over the past few weeks, we have been rolling out email and in-product reminders that remind you to also download backup codes (sometimes called recovery keys) that can get you back into your account in the event you lose your 2FA credentials. Download your backup codes now by logging into Cloudflare, then navigating to **Profile** > **Security & Authentication** > **Backup codes**.
10+
11+
## Sign-in security best practices
12+
13+
Cloudflare is critical infrastructure, and you should protect it as such. Please review the following best practices and make sure you are doing your part to secure your account.
14+
15+
* Use a unique password for every website, including Cloudflare, and store it in a password manager like 1Password or Keeper. These services are cross-platform and simplify the process of managing secure passwords.
16+
* Use 2FA to make it harder for an attacker to get into your account in the event your password is leaked
17+
* Store your backup codes securely. A password manager is the best place since it keeps the backup codes encrypted, but you can also print them and put them somewhere safe in your home.
18+
* If you use an app to manage your 2FA keys, enable cloud backup, so that you don't lose your keys in the event you lose your phone.
19+
* If you use a custom email domain to sign in, [configure SSO](https://developers.cloudflare.com/cloudflare-one/applications/configure-apps/dash-sso-apps/).
20+
* If you use a public email domain like Gmail or Hotmail, you can also use social login with Apple, GitHub, or Google to sign in.
21+
* If you manage a Cloudflare account for work:
22+
* Have at least two administrators in case one of them unexpectedly leaves your company
23+
* Use SCIM to automate permissions management for members in your Cloudflare account

0 commit comments

Comments
 (0)
0