@@ 25,10 25,12 @@ authentication and view the audit log.
## Two-factor authentication
Presently, only
-[TOTP](https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm) is
-supported for two-factor authentication. Our recommended token software is
-[andOTP](https://f-droid.org/packages/org.shadowice.flocke.andotp/), but others
-like Google Authenticator will also work.
+[TOTP](https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm)
+is supported for two-factor authentication. Any TOTP software should work
+(e. g. [Aegis Authenticator](https://f-droid.org/packages/com.beemdevelopment.aegis/),
+[FreeOTP](https://f-droid.org/en/packages/org.fedorahosted.freeotp/)
+or Google Authenticator) because sr.ht currently uses the first iteration of
+the TOTP parameters.
To enable TOTP, click "Enable TOTP" and scan the QR code with your TOTP app.
Enter a valid code to enable TOTP. Note that once enabled, you will not be able