Is there recovery information for my FAS account?

Hi, I just enabled 2FA on my FAS account ([username]/settings/otp/). When I did this on github a while ago, they asked me to save some recovery codes in case I ever loose/break the second factor. This could happen easily (e.g. the smartphone I use for 2FA/OTP is broken or gets stolen). Is there some kind of recovery information for my FAS account that I should save while I still have access to the 2FA app?

If you add a GPG key to your FAS account, you can use that if you loose your TOTP token. I was just looking at an issue where it is mentioned, but I can’t find it ATM.

There is not. ;(

You can enroll as many tokens as you like, so many people just enroll a
second token and keep it somewhere safe.

Depending on which app you are using, there may be a backup option.
On android I use Aegis ( GitHub - beemdevelopment/Aegis: A free, secure and open source app for Android to manage your 2-step verification tokens. ) it’s
open source, available from play store and f-droid and works quite well.
It has a ability to make encrypted backups.

Failing all that, you can mail and we can remove
your old token.

There’s a ticket on our account system:
As a User, I want to have a process to recover my account if I have enabled 2FA and lost my token · Issue #151 · fedora-infra/noggin · GitHub which spawned a
request for freeipa (our backend authentication system):
Issue #8235: RFE: Support for MFA backup recovery codes - freeipa -
But sadly, it’s not gotten anywhere so far.

Ok, thanks for clarification!