Need to Setup TFA on new phone and I've lost my recovery codes! #fail

Hi guys,

I’ve just got a new handset, and I need to re-setup TFA and Google Authenticator. I can’t get into my account as I’ve lost my recovery codes. Doh!!!



Hey David,

By choosing to enable two-factor authentication, you have made it clear to us that security is as an important concern for you as it is for us. It also means you do not completely trust authenticating with just a password.

Therefore you will understand that we need to take extra measures to be sure that we are not disabling two-factor authentication for an attacker who learned your password.

We would like to verify that you’re in possession of the SSH key you have provided to us. To do this you’ll have to run the following command and send us the output from the email account associated with your balena account, to After we validate the signature we’ll disable 2FA on your account and you’ll be able to login with just your password.

echo 62bb70387b84731d540867df80f24ec2bf4da55e1bb68997dad0d0769c4475a6 | openssl rsautl -sign -inkey ~/.ssh/id_rsa | base64

If the command doesn’t work, it may be that your SSH keys are stored elsewhere, you can edit the command to point to where your SSH keys are.

Please let us know if you have trouble with these instructions!

Great - thanks - have emailed this now. Thanks for replying so quickly and providing a way for me to do this without revealing my keys! As you say, security is a top priority for me.