When you enable two-factor authentication, you are supposed to generate and securely save one-use recovery codes. This situation is what those codes are for; they are used in lieu of codes generated by your two-factor device. As long as you have them, you can use one code to log in as normal and two more codes to remove the two-factor device from your membership. Then you will be all set.
If for some reason you don't have those codes, you will have to complete our login recovery process.
Assuming you contact us from the email address associated with your membership, our system will send you a response with information about:
- Whether you have unused single-use recovery codes. (Good to know whether you should spend time looking for them!)
- Which recovery actions are configured (and therefore possible) for your membership.
- How many successful recovery actions are needed to complete the login recovery process.
If, for some reason, you have lost your two factor device and access to your email at the same time, that's going to be rough. You must do login recovery to update your email address first. We will not process recovery requests related to two-factor devices from email addresses other than the current member contact address.