When you enable two-factor authentication, Modari gives you 8 recovery codes in XXXX-XXXX format (for example, A3F2-9D1B). These codes are your plan B: they let you log in even if you lose access to your authenticator app.

When they are used

Recovery codes are used in one situation: when you cannot generate the 6-digit code in your authenticator app. This usually happens because:

  • Your phone was stolen or lost.
  • You accidentally deleted the authenticator app.
  • You changed phones and forgot to migrate the accounts (several apps do not migrate on their own).
  • The phone broke and you cannot access the app.

How to store them

The day you enable 2FA, Modari shows you the 8 codes only once. That is the only time you will see them in full. That is why, before closing the screen, choose a safe destination. Some options:

  • Print them and keep the paper in a closed place at home or the office (locked drawer, safe, personal file cabinet). This is the most resilient option: it does not depend on any device.
  • Save them in a password manager like 1Password, Bitwarden, Dashlane, or Apple Keychain. Create an entry called "Modari recovery codes" and paste the 8 codes there.
  • Save them in an encrypted file on your computer (for example, a password-protected PDF or ZIP), backed up to an external drive or cloud service. Make sure the password is not stored in the same place.

How to use them at login

  1. Log in normally

    Go to the login page, enter your email and password. Modari will take you to the screen asking for the code from your authenticator app.

  2. Tap 'Lost access to your app?'

    Below the code field you will see this link. Tap it. Modari will take you to the recovery code screen.

  3. Enter one of your recovery codes

    Type one of the codes in full, in XXXX-XXXX format. If you type it correctly and it has not been used yet, you will enter your account.

    Important: that particular code becomes automatically invalid after use. You have the remaining 7.

  4. Reconfigure your 2FA as soon as possible

    Once inside, go to Settings → Security. Since you no longer have access to the old authenticator app, the right thing is to disable 2FA, install it again in a new app (on your new phone, for example), and re-enable it. This generates a new secret key and a new set of 8 recovery codes.

If you lose the codes too

If you lose access to your authenticator app andyour recovery codes, you have no automated options left. The only thing you can do is write to support from an email different from the account's. We will ask for identity verification —which may include documents, account data, and, if it is an organization with several members, confirmation from another Owner or Admin.

The process can take several business days. That is why the most important thing is to store the codes well from day one.

Generate new codes

If you believe your codes may be compromised (for example, you stored them somewhere someone else had access to), you can invalidate the current ones and generate new ones. To do this:

  1. Go to Settings → Security.
  2. Disable two-factor authentication.
  3. Re-enable it.

When you re-enable 2FA, Modari generates 8 completely new codes. The previous ones become invalid. Repeat the storage process in a safe place.

What's next

To reduce how often you need to type the code from your app, Modari lets you mark devices as trusted. Learn how trusted devices work.