Skip to content

Recovery Codes

Recovery codes are backup one-time passwords for regaining account access.

What Are Recovery Codes?

Recovery codes are single-use passwords that let you log in if you lose your primary authentication method.

Format: 

ABCD-1234-EFGH-5678
IJKL-9012-MNOP-3456
QRST-7890-UVWX-1234
...

You receive 10 codes when generated.

Generating Recovery Codes

First-Time Setup

  1. Go to Account → Security → Recovery Codes
  2. Click Generate Recovery Codes
  3. Codes are displayed once
  4. Save them securely (download or print)
  5. Check confirmation box
  6. Codes are now active

Regenerating Codes

To get new codes (invalidates old ones):

  1. Go to Account → Security → Recovery Codes
  2. Click Regenerate Codes
  3. Confirm (old codes will stop working)
  4. Save new codes securely

One-Time Display

Recovery codes are shown only once during generation. Save them immediately.

Using Recovery Codes

To Log In

  1. Go to login page
  2. Click "Use recovery code"
  3. Enter one recovery code
  4. Logged in

After Using

  • Code is invalidated (can't reuse)
  • Remaining codes still valid
  • Consider regenerating when running low

Storage Best Practices

DO

Print and store offline - Print codes - Store in safe or secure location - Keep with important documents

Use password manager - Store in encrypted vault - Separate from daily passwords

Write down physically - Paper in secure location - Not with your computer

DON'T

❌ Store in email or cloud notes (unencrypted) ❌ Save in browser or on desktop ❌ Share with anyone ❌ Store with passwords

When to Use

Use recovery codes when:

  • Lost your passkey device
  • Can't access Nostr extension
  • Forgot password
  • Device damaged/stolen
  • Traveling without usual devices

Viewing Remaining Codes

You can't view codes after generation, but you can see:

  1. How many codes remain (e.g., "7 of 10 remaining")
  2. When last code was used

To see this: 1. Go to Account → Security → Recovery Codes 2. View status summary

Security Considerations

Why They're Important

Recovery codes are your last line of defense:

Lost passkey device
  └── Can't log in normally
      └── Use recovery code
          └── Access restored
              └── Register new passkey
                  └── Generate new recovery codes

Protection

  • Recovery codes are equivalent to your password
  • Anyone with a code can access your account
  • Treat them like your seed phrase

Regeneration Schedule

Recommended: - When you've used 50% of codes - Annually as best practice - After any security incident - When changing authentication methods

Next: Subscription →