 | This is an information page. It is not an encyclopedic article, nor one of Wikipedia's policies or guidelines; rather, its purpose is to explain certain aspects of Wikipedia's norms, customs, technicalities, or practices. It may reflect differing levels of consensus and vetting. |
 | This page in a nutshell: Administrators and editors with advanced permissions should ideally enable two-factor authentication for account security, and can do so by following this guide. |
 | Particular attention should be paid to the section of this guide on scratch codes — if you don't keep these codes and encounter a problem with your 2FA device, you will be locked out of your account. |
Two-factor authentication (2FA) is a method of adding additional security to your account. The first "factor" is your usual password that is standard for any account. The second "factor" is a verification code retrieved from an app on a mobile device or computer. 2FA is conceptually similar to a security token device that banks in some countries require for online banking. Other names for 2FA systems include OTP (one-time password) and TOTP (Time-based One-time Password algorithm).
This guide explains how to enable and disable 2FA on Wikipedia for your account. This guide is about the TOTP method, see notes about WebAuthn below.
If you decide to enable 2FA, you may want to enable the option "Send password reset emails only when both email address and username are provided" in the first tab of Special:Preferences.