How to recover your GitHub account if you lost your 2FA credentials AND recovery codes.

If you, like me, are careless at times, and didn't backup your GitHub recovery codes to a safe place (even though GitHub is very clear about how important this is) and you eventually lost them and you also lost your Two Factor Authentication app (along with the credentials), fear no more, there's still hope.

WARNING: This method is not "officially" supported, and GitHub support may stop recovering accounts on this situations at any time.

Getting your verification token

To regain access to your GitHub account, you will need to contact GitHub support and ask them to disable the 2FA on your account (this was possible at the time I was writing this article, but may stop being supported).

They will ask you to authenticate your credentials, the way you do it is by providing a verification token, which is based on your SSH Key.

Enter the following in your terminal:

ssh -i ~/.ssh/github_rsa -T git@github.com verify

You will then be prompted for your passphrase, which you may or not have set when you created your SSH Keys. If you did, just type it in. If you didn't set a passphrase and you are on a Mac, then scroll down to "Finding my passphrase", if you didn't and you're not on a Mac, sorry, but you're out of luck, try contacting GitHub support team.

If everything wen't as expected, the output should be something like this:

Identity added: /Users/YourUser/.ssh/github_rsa (/Users/YourUser/.ssh/github_rsa)

Please provide the following verification token to GitHub Support.

0011ca34b048ca223d5a49f783042cdcacaca934ca312d4a92ca54d5288782aa637265617465645f6174ce54cbee07aa7075626c69635f6b6579ce0089ae54

Now you can e-mail the GitHub support team and ask them to turn off 2FA on your account, don't forget to provide the Verification Token that you just got on the previous steps.

Again, this method may stop working at any time, and even if it worked for you, you should definitely enable 2FA again on your account, and obviously, don't forget to backup your Recovery Codes this time, send them to your e-mail, print them, store them in a pendrive and then store the pendrive in a safe, whatever, just make sure you don't lose it this time ;)

Finding my passphrase

If you didn't set up a passphrase when creating your SSH Key for using with GitHub AND you are using a Mac, the:

1. Open Spotlight (CMD+Space bar).
2. Type in: "keychain Access.app" and press return.
3. Look for an entry like "GitHub for Mac SSH key passphrase — github.com" and double click it.
4. Check: "Show password"
5. Type in your password and you should be seeing your passphrase.
6. Now type this passphrase (yeah, you have to type it, no copy and paste in there) in the first steps to get your Verification Token.