I had been using Ubuntu Touch Authenticator app, but I wanted to try out the 2FA Manager app to see how that worked for me. The only problem was that I had never reset my 2FA stuff that I originally set up so this was my first time switching devices. It was easy, but it was also not documented. I hope this simple guide helps and perhaps the steps of this process also apply to other 2FA sites:
In your Gitlab account
- Log into your gitlab account
- Go to “Settings” under your top right avatar
- Go to “Account”
- Click the ‘Manage Two Factor Authentication” button
- Click the ‘Disable two-factor authentication’ button which will then warn give you this warning “Are you sure? This will invalidate your registered applications and U2F devices.”
- Select ‘Ok’ on warning screen
This will now present you with a screen and QR code where you will scan it and bring it into the Ubuntu Touch 2FA Manager app. So now let’s move to your ubuntu touch device…
On your Ubuntu Touch device
- Download / install tagger app if you have not already done so
- Download install the 2FA Manager app if you have not already done so
- Open the 2FA Manager App
- Open Tagger app and point camera at QR code and patiently wait… adjust camera position if needed until it registers the QR code. You will know this is working when the dialogue with “open url, copy to clip, generate qr code” buttons pops up
- Select ‘open URL’
- Add a description. This is just a friendly name that will help you remember what this key is for as you may build up many keys over the years.
- Press ‘Add’ button. You should now be taken to the 2FA Manager app to a screen with a 6 digit bold code and a purple progress meter that is moving. You will notice that each time the progress meter reaches the end, it will loop back with a new 6 digit number. You will also notice that if you tap this 6 digit code it will open it up and make it much bigger and easier to read and also give you the ability to copy this code to clipboard. Whichever way you prefer, these are the two ways you can obtain your 2FA codes and these codes are what you will use to log into Gitlab each time, and also to use to finish up your setup in your Gitlab account.
- Go back to Gitlab
Meanwhile, back at Gitlab…
- Look at your 2FA Manager app and grab the 6 digit code presented on the screen. But hurry! (dramatic music here) If you don’t grab it quick enough the next one will be generated. This is for security if you were wondering and limits the chance of someone stealing your stuff…
- Enter the 6 digit code into the ‘pin code’ field on your Gitlab 2FA setup page you should still be on
- Select ‘Register with two-factor app’ button
- Save your recovery codes: If all goes well you should now be presented with a ‘congratulations’ screen and a list of 10 random looking letters and number strings with bullet points. These are your recovery keys so save them somewhere safe. I recommend the keypassxc app as it’s a really great password manager for your laptop / desktop ubuntu environment.
- After you have these recovery codes safely stored, press ‘proceed’. If you got an ‘invalid code’ message, it probably means you weren’t fast enough with steps 1-3 above so repeat but faster 😉
You should now be brought back to your gitlab Account page and good to go. You can probably use this workflow above to do 2FA setups in other systems as well.