Translations:Wikimedia Security Team/Two-factor Authentication for CentralAuth wikis/11/en

A user with shell access can remove your account from the two-factor configuration, which will allow you to log in and re-enable two-factor authentication with a new device. The person doing this work will need to verify your identity, preferably by signing your request with a PGP signature that the user can verify, revealing a committed identity, or verifying the request through another non-email source (most users can reset their wiki password via email, so we want to ensure a malicious person with access to your email account cannot get your second authentication factor reset also).