Two-factor authentication (2FA) provides users with additional authentication security, by requiring a token retrieved via your cell phone in addition to a password. Code Climate highly recommends 2FA for all users.
Though 2FA must be enabled at the user-level, organization owners can view which members of their team have (and have not) enabled 2FA from their organization's Team Members page.
If your Code Climate user is GitHub-linked and you don't have a password, you'll need to create a password before moving forward. This can be done by logging out of Code Climate, and choosing the "Forgot Password?" workflow to create a password.
- From your Dashboard, click your avatar in the top-right corner of the page.
- Scroll to the bottom, and click Enable Two-Factor Authentication.
- Enter your cell phone number, including area code, into the Cell Phone field.
- Select your country code from the Country list.
- Click Enable Two-Factor Authentication.
Code Climate uses Authy for two-factor authentication. To use two-factor authentication to login to your Code Climate account you will need to install and setup the Authy app on your device (e.g, your iOS or Andorid phone). More information on how to do this can be found on the Authy website.
We currently don't support 2FA via 1Password or Google Authenticator.
- A green message will appear indicating 2FA has been enabled for your user. If a red error message is displayed, see Troubleshooting below.
After enabling 2FA, upon signing in you will receive a prompt for your Code Climate token.
If you would prefer to receive your token via SMS instead of via the Authy app, click the Request token via SMS and Authy will send it via a text message.
- A notification from the Authy app should appear on your mobile device with your Code Climate token.
- Back in Code Climate, enter the token in the Token field, and click Verify Token.
- Upon successful login, you will be redirected to your Dashboard.
If you are seeing a red error message after clicking Enable Two-Factor Authentication:
- Ensure there are no leading or trailing spaces around your cell phone number.
- Ensure there are no characters in the Cell Phone field (e.g., dashes or parentheses).