Back to Zuro Help Center
Security

How to Use Backup Codes for MFA

Published 8 January 2026
4 mins read
9 views
#backup-codes#mfa#security#authentication#account-recovery#two-factor

Backup codes provide a way to access your account if you lose access to your MFA method. Learn how to generate, use, and manage backup codes for Multi-Factor Authentication.

What Are Backup Codes?

Backup codes are one-time use codes that let you log in to your account if you can't access your MFA method (authenticator app or email). Each code can only be used once.

When to Use Backup Codes

Lost Access Scenarios

  • Lost phone: Can't access authenticator app
  • Email issues: Can't receive email codes
  • App deleted: Authenticator app removed
  • Device broken: Phone or device not working

Emergency Access

  • Immediate access needed: Can't wait for MFA reset
  • Traveling: No access to MFA device
  • Temporary issues: MFA method temporarily unavailable

Generating Backup Codes

During MFA Setup

  1. Set up MFA (TOTP or Email)
  2. Complete verification
  3. Backup codes are automatically generated
  4. Save them immediately: Codes are only shown once

After Setup

  1. Go to SettingsMFA
  2. Click "Regenerate Backup Codes"
  3. New codes are generated
  4. Save immediately: Old codes become invalid

Saving Backup Codes

Best Practices

  • Password manager: Store in secure password manager
  • Secure location: Keep in safe, accessible place
  • Multiple copies: Store in 2-3 secure locations
  • Never share: Don't share codes with anyone

Where to Store

  • Password manager: 1Password, LastPass, Bitwarden
  • Encrypted file: Encrypted document
  • Secure note: In secure note-taking app
  • Physical backup: Printed and stored securely (less secure)

Using Backup Codes

Step 1: Attempt Login

  1. Enter your email and password
  2. You'll be prompted for MFA code
  3. If you can't access MFA, use backup code

Step 2: Enter Backup Code

  1. Click "Use Backup Code" or similar option
  2. Enter one of your backup codes
  3. Click "Verify" or "Login"
  4. Code is used and can't be used again

Step 3: Regenerate Codes

  1. After using backup code, regenerate new ones
  2. Go to SettingsMFA
  3. Click "Regenerate Backup Codes"
  4. Save the new codes

Managing Backup Codes

Viewing Remaining Codes

  1. Go to SettingsMFA
  2. See "Backup Codes Remaining" count
  3. Know how many you have left
  4. Regenerate if running low

Regenerating Codes

  1. Go to SettingsMFA
  2. Click "Regenerate Backup Codes"
  3. Important: Old codes become invalid immediately
  4. Save new codes right away

When to Regenerate

  • After using one: Regenerate after using a backup code
  • Running low: When you have few codes left
  • Security concern: If codes may be compromised
  • Periodically: Regenerate every few months

Security Best Practices

Code Security

  • Never share: Don't share codes with anyone
  • Store securely: Use password manager or encrypted storage
  • Don't screenshot: Avoid storing in cloud photos
  • Regenerate if compromised: If codes may be exposed

Code Management

  • Keep current: Use most recent codes
  • Don't reuse: Each code is one-time use only
  • Track usage: Know how many you've used
  • Regenerate regularly: Create new codes periodically

Troubleshooting

Backup Code Not Working

  • Check code is correct: Verify you entered it correctly
  • Ensure it's unused: Each code can only be used once
  • Use most recent codes: Old codes may be invalid
  • Regenerate if needed: Create new codes

No Backup Codes Available

  • Generate new codes: Go to MFA settings
  • Check MFA is enabled: Must have MFA enabled
  • Verify account access: Ensure you can access settings
  • Contact support: If you can't generate codes

Lost All Backup Codes

  • Use MFA method: Try to access via authenticator or email
  • Contact support: If you can't access MFA
  • Account recovery: Support can help recover account
  • Prevention: Always keep backup codes saved

Frequently Asked Questions

How Many Backup Codes Do I Get?

  • 10 codes: Generated when you set up MFA
  • Regenerate anytime: Can create new codes
  • One-time use: Each code works once
  • Unlimited regeneration: Can regenerate as needed

Can I Use the Same Code Twice?

  • No: Each code is one-time use only
  • Used codes are invalid: Can't reuse after using
  • Generate new ones: Create new codes after using one
  • Track usage: Know which codes you've used

What If I Lose All My Codes?

  • Try MFA method: Use authenticator app or email
  • Contact support: Support can help recover access
  • Account recovery process: May require verification
  • Prevention: Always keep codes in multiple secure locations

Best Practices

  • Save immediately: Don't close window before saving codes
  • Store securely: Use password manager
  • Multiple locations: Keep copies in 2-3 secure places
  • Regenerate regularly: Create new codes every few months
  • Never share: Keep codes completely private

Related Articles

Related Articles

How to Set Up Multi-Factor Authentication (MFA)

Learn how to set up Multi-Factor Authentication (MFA) for your Zuro account. Secure your account with TOTP authenticator apps or email verification codes.

1 views

MCP Permissions and Security

Learn how to keep your Zuro account secure when using MCP. Understand permissions, key security, and best practices for MCP usage.

0 views

How to Secure Your Account

Learn how to protect your Zuro account with security best practices.

76 views