Using Recovery Codes to Regain Access

Lost access to your authenticator app? Recovery codes are your backup method to log in to your LiteSOC account when you can't use your regular 2FA method.

What Are Recovery Codes?

Recovery codes are a set of 10 single-use codes generated when you first enable Two-Factor Authentication (2FA). Each code can only be used once and should be stored securely offline.

Example Recovery Codes:
━━━━━━━━━━━━━━━━━━━━━━
XXXX-XXXX-XXXX-XXXX
YYYY-YYYY-YYYY-YYYY
ZZZZ-ZZZZ-ZZZZ-ZZZZ
... (7 more codes)

Using a Recovery Code

Step 1: Start the Login Process

1. Go to litesoc.io/login
2. Enter your email and password
3. When prompted for your 2FA code, click "Use recovery code"

Step 2: Enter Your Recovery Code

Enter one of your unused recovery codes. The format is typically XXXX-XXXX-XXXX-XXXX (16 characters with dashes).

⚠️ Important: Each recovery code can only be used once. After use, it becomes invalid.

Step 3: Access Restored

You'll be logged in immediately. We recommend:

1. Going to Settings → Security
2. Resetting your 2FA with a new authenticator device
3. Generating new recovery codes
4. Storing the new codes securely

Best Practices for Recovery Codes

Where to Store Recovery Codes

✅ Good options:

• Password manager (encrypted)
• Printed copy in a safe or lockbox
• Encrypted USB drive stored securely
• Bank safety deposit box

❌ Avoid:

• Email (could be compromised)
• Cloud storage without encryption
• Sticky notes or unsecured documents
• Screenshots on your phone

Security Recommendations

1. Store them separately from your password
2. Don't keep them on the same device as your authenticator
3. Keep multiple copies in different secure locations
4. Regenerate codes after using any

Generating New Recovery Codes

If you've used most of your codes or want new ones:

1. Log in to your LiteSOC account
2. Go to Settings → Security → Two-Factor Authentication
3. Click "Regenerate Recovery Codes"
4. Confirm with your authenticator code or a current recovery code
5. Important: Your old codes will be invalidated immediately
6. Store your new codes securely

Lost All Recovery Codes?

If you've lost both your authenticator access AND all recovery codes:

Option 1: Contact Support

1. Email support@litesoc.io from your registered email
2. Provide verification information:
   • Your full name
   • Organization name
   • Approximate account creation date
   • Recent activity details
3. Our team will verify your identity and help restore access

Option 2: Organization Admin Recovery

If you're part of an organization:

1. Contact your organization administrator
2. They can reset your 2FA from the admin panel
3. You'll receive an email to set up 2FA again

⏱️ Recovery timeline: Support-assisted recovery typically takes 1-2 business days for security verification.

Preventing Future Lockouts

1. Set Up Multiple 2FA Methods

Consider adding backup authentication methods:

• Multiple authenticator apps on different devices
• Security keys (YubiKey, etc.)

2. Regular Code Audits

Every 6 months:

• Check how many recovery codes you have left
• Regenerate if you have fewer than 5
• Verify your codes are still accessible

3. Authenticator App Backups

Some authenticator apps support cloud backup:

• Authy - Encrypted cloud sync
• 1Password - Built into password manager
• Google Authenticator - Cloud sync available

What Happens If Someone Finds My Recovery Codes?

Recovery codes alone aren't enough to access your account—they also need your password. However, if you suspect your codes have been compromised:

1. Log in immediately
2. Go to Settings → Security
3. Regenerate all recovery codes (invalidates the old ones)
4. Review your account activity for suspicious logins
5. Consider changing your password as well

Need help? Contact our support team or review our security best practices.