2FA, or two-factor authentication is a way of adding additional security on your account. The first "factor" is your usual password that is standard for any account, the second is a code run on an external device such as a smartphone, or a program on your computer. It is conceptually similar to a keycode device you may have to use when logging into internet banking.

It is important for Administrators to keep their account secure. In November 2016, a number of Wikipedia administrators (including the founder, Jimbo Wales) had their accounts compromised which were used to vandalise the encyclopedia. As well as causing widespread disruption, the affected administrators' accounts were locked so they couldn't do anything until it was beyond doubt they had regained control.

1. Download a 2FA app onto your smartphone. You probably want to use Google Authenticator because it's the best^{[citation needed]}

• Android version: https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2&hl=en_GB
• iOS version: https://itunes.apple.com/gb/app/google-authenticator/id388497605?mt=8

2. Go to Special:OATH and following the instructions.

3. The recommended authentication method with Google Authenticator is to scan a QR code. Your browser will display a box with a pattern, which you have to point the camera in your smartphone towards, as if you're taking a picture of it. (Your phone might ask you for permission to use the camera first). If you can't do this, Google Authenticator can supply you an account name and alphanumeric key, which gives you the same result.

4. Once you're set up, your phone will give you a verification code. Enter this into the box at the bottom of the OATH page browsed to in step 2).

That's it, you're all set up

5. When you set up 2FA, you'll be given a number of emergency tokens. You can re-use one of these if you can't use your smartphone (eg: if it gets broken, stolen or sold). You only get shown these tokens when you sign up and never again, so make a copy of them by selecting them from your browser and copy / pasting into Notepad.

Please note: Using a windows based TOTP client slightly decreases the effectiveness of a two-factor system - if someone has access to your PC and your password, they will still be able to log in

1. Download winauth^[1] (https://winauth.com/download/) onto your Windows PC.

2. Pop over to Special:OATH

3. Enter the two-factor account name and key from the OATH screen into the program. It should show you where to put it.

4. Enter a verification code from winauth into the OATH screen to complete the enrollment.

That's it, you're all set up

• Once you've entered the verification code, you will also be presented with a series of one-time scratch codes. Safely store a copy of these codes, should you lose or have a problem with your TOTP client you will be locked out of your account unless you have access to these codes.
• You still need to follow good security practices

On the English Wikipedia the following groups can use 2FA:

• Bureaucrats
• Administrators
• Checkusers
• Oversighters
• Edit Filter Managers
• Interface Editors

2FA is a method of computer access control in which a user is only granted access after successfully presenting several separate pieces of evidence to an authentication mechanism – typically at least two of the following categories: knowledge (something they know), possession (something they have), and inherence (something they are).

See the meta help page - this is quite technical