Merge pull request #35236 from github/repo-sync

Repo sync
github · Nov 8, 2024 · a73cbea · a73cbea
2 parents 5a2887f + 7972e52
commit a73cbea
Show file tree

Hide file tree

Showing 10 changed files with 36 additions and 43 deletions.
diff --git a/...ing-your-personal-account/unlinking-your-email-address-from-a-locked-account.md b/...ing-your-personal-account/unlinking-your-email-address-from-a-locked-account.md
@@ -28,11 +28,7 @@ Since an email address can only be associated with a single {% data variables.pr
 1. Navigate to [https://github.com/login](https://github.com/login).
 1. To prompt two-factor authentication, type your username and password, then click **Sign in**.
 1. Under "Unable to verify with your security key?", click **Use a recovery code or request a reset**.
-{% ifversion 2fa-reconfiguration-inline-update %}
 1. Under "Locked out?", click **Recover your account or unlink an email address**.
-{% else %}
-1. On the "Two-factor recovery" screen, click **Try recovering your account**.
-{% endif %}
 1. In the modal that appears, click **I understand, get started**.
 1. To send an email containing a one-time password to each email address associated with your account, click **Send one-time password**.
 1. To verify your identity, type the one-time password from your email in the "One-time password" text field, then click **Verify email address**.

diff --git a/...-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise.md b/...-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise.md
@@ -36,21 +36,21 @@ You can enforce policies to control the security settings for organizations owne
 
 {% ifversion ghes %}If {% data variables.location.product_location %} uses LDAP or built-in authentication, enterprise{% else %}Enterprise{% endif %} owners can require that organization members, billing managers, and outside collaborators in all organizations owned by an enterprise use two-factor authentication to secure their user accounts.{% ifversion ghec %} This policy is not available for enterprises with managed users.{% endif %}
 
-Before you can require 2FA for all organizations owned by your enterprise, you must enable two-factor authentication for your own account. For more information, see "[AUTOTITLE](/authentication/securing-your-account-with-two-factor-authentication-2fa)."
+Before you can require two-factor authentication for all organizations owned by your enterprise, you must enable 2FA for your own account. For more information, see "[AUTOTITLE](/authentication/securing-your-account-with-two-factor-authentication-2fa)."
 
 Before you require use of two-factor authentication, we recommend notifying organization members, outside collaborators, and billing managers and asking them to set up 2FA for their accounts. Organization owners can see if members and outside collaborators already use 2FA on each organization's People page. For more information, see "[AUTOTITLE](/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/viewing-whether-users-in-your-organization-have-2fa-enabled)."
 
 {% data reusables.two_fa.ghes_ntp %}
 
 > [!WARNING]
-> * When you require two-factor authentication for your enterprise, members, outside collaborators, and billing managers (including bot accounts) in all organizations owned by your enterprise who do not use 2FA will be removed from the organization and lose access to its repositories. They will also lose access to their forks of the organization's private repositories. You can reinstate their access privileges and settings if they enable two-factor authentication for their account within three months of their removal from your organization. For more information, see "[AUTOTITLE](/organizations/managing-membership-in-your-organization/reinstating-a-former-member-of-your-organization)."
-> * Any organization owner, member, billing manager, or outside collaborator in any of the organizations owned by your enterprise who disables 2FA for their account after you've enabled required two-factor authentication will automatically be removed from the organization.
-> * If you're the sole owner of an enterprise that requires two-factor authentication, you won't be able to disable 2FA for your user account without disabling required two-factor authentication for the enterprise.
+> * When you require two-factor authentication for your enterprise, outside collaborators (including bot accounts) in all organizations owned by your enterprise who do not use 2FA will be removed from the organization and lose access to its repositories. They will also lose access to their forks of the organization's private repositories. You can reinstate their access privileges and settings if they enable 2FA for their account within three months of their removal from your organization. For more information, see "[AUTOTITLE](/organizations/managing-membership-in-your-organization/reinstating-a-former-member-of-your-organization)."
+> * Any outside collaborator in any of the organizations owned by your enterprise who disables 2FA for their account after you've enabled required two-factor authentication will automatically be removed from the organization. Members and billing managers who disable 2FA will not be able to access organization resources until they re-enable it.
+> * If you're the sole owner of an enterprise that requires two-factor authentication, you won't be able to disable 2FA for your user account without disabling required 2FA for the enterprise.
 
 {% ifversion mandatory-2fa-dotcom-contributors %}
 
 > [!NOTE]
-> Some of the users in your organizations may have been selected for mandatory two-factor authentication enrollment by  {% data variables.product.prodname_dotcom_the_website %}, but it has no impact on how you enable the 2FA requirement for the organizations in your enterprise. If you enable the 2FA requirement for organizations in your enterprise, all users without 2FA currently enabled will be removed from the organizations, including those that are required to enable it by {% data variables.product.prodname_dotcom_the_website %}.
+> Some of the users in your organizations may have been selected for mandatory two-factor authentication enrollment by {% data variables.product.prodname_dotcom_the_website %}, but it has no impact on how you enable the 2FA requirement for the organizations in your enterprise. If you enable the 2FA requirement for organizations in your enterprise, outside collaborators without 2FA currently enabled will be removed from the organizations, including those that are required to enable it by {% data variables.product.prodname_dotcom_the_website %}.
 
 {% endif %}
 
@@ -59,8 +59,8 @@ Before you require use of two-factor authentication, we recommend notifying orga
 {% data reusables.enterprise-accounts.security-tab %}
 1. Under "Two-factor authentication", review the information about changing the setting. {% data reusables.enterprise-accounts.view-current-policy-config-orgs %}
 1. Under "Two-factor authentication", select **Require two-factor authentication for all organizations in your business**, then click **Save**.
-1. If prompted, read the information about members and outside collaborators who will be removed from the organizations owned by your enterprise. To confirm the change, type your enterprise's name, then click **Remove members & require two-factor authentication**.
-1. Optionally, if any members or outside collaborators are removed from the organizations owned by your enterprise, we recommend sending them an invitation to reinstate their former privileges and access to your organization. Each person must enable two-factor authentication before they can accept your invitation.
+1. If prompted, read the information about how user access to organization resources will be affected by a 2FA requirement. To confirm the change, click **Confirm**.
+1. Optionally, if any outside collaborators are removed from the organizations owned by your enterprise, we recommend sending them an invitation to reinstate their former privileges and access to your organization. Each person must enable two-factor authentication before they can accept your invitation.
 
 {% endif %}
 

diff --git a/...s-in-your-enterprise/requiring-two-factor-authentication-for-an-organization.md b/...s-in-your-enterprise/requiring-two-factor-authentication-for-an-organization.md
@@ -31,9 +31,10 @@ Before you require use of two-factor authentication, we recommend notifying orga
 {% data reusables.two_fa.ghes_ntp %}
 
 > [!WARNING]
-> * When your require two-factor authentication, members and outside collaborators (including bot accounts) who do not use 2FA will be removed from the organization and lose access to its repositories, including their forks of private repositories. If they enable 2FA for their personal account within three months of being removed from the organization, you can [reinstate their access privileges and settings](/organizations/managing-membership-in-your-organization/reinstating-a-former-member-of-your-organization).
-> * When 2FA is required, organization members or outside collaborators who disable 2FA will automatically be removed from the organization.
-> * If you're the sole owner of an organization that requires two-factor authentication, you won't be able to disable 2FA for your personal account without disabling required two-factor authentication for the organization.
+> * When you require two-factor authentication, members who do not use 2FA will not be able to access your enterprise resources until they enable 2FA on their account. They will retain membership even without 2FA, including occupying seats in your enterprise and organizations.
+> * When your require two-factor authentication, outside collaborators (including bot accounts) who do not use 2FA will be removed from the enterprise and its organization and lose access to repositories, including their forks of private repositories. If they enable 2FA for their personal account within three months of being removed from the organization, you can [reinstate their access privileges and settings](/organizations/managing-membership-in-your-organization/reinstating-a-former-member-of-your-organization).
+> * When two-factor authentication is required, outside collaborators who disable 2FA will automatically be removed from the enterprise and its organizations. {% ifversion fpt or ghec %}Members and billing managers{% else %}Members{% endif %} who disable 2FA will not be able to access your enterprise and organization resources until they re-enable it.
+> * If you're the sole owner of an organization that requires two-factor authentication, you won't be able to disable 2FA for your personal account without disabling required 2FA for the organization.
 
 ## Requiring two-factor authentication for an organization
 
@@ -50,17 +51,17 @@ To view people who were automatically removed from your organization for non-com
 {% data reusables.audit_log.octicon_icon %}
 {% data reusables.enterprise_site_admin_settings.access-settings %}
 {% data reusables.audit_log.audit_log_sidebar_for_site_admins %}
+
 1. Enter your search query using `reason:two_factor_requirement_non_compliance`. To narrow your search for:
-   * Organizations members removed, enter `action:org.remove_member AND reason:two_factor_requirement_non_compliance`
    * Outside collaborators removed, enter `action:org.remove_outside_collaborator AND reason:two_factor_requirement_non_compliance`
 
    You can also view people removed from a particular organization by using the organization name in your search:
    * `org:octo-org AND reason:two_factor_requirement_non_compliance`
 1. Click **Search**.
 
-## Helping removed members and outside collaborators rejoin your organization
+## Helping removed outside collaborators rejoin your organization
 
-If any members or outside collaborators are removed from the organization when you enable required use of two-factor authentication, they'll receive an email notifying them that they've been removed. They should then enable 2FA for their personal account, and contact an organization owner to request access to your organization.
+If any outside collaborators are removed from the organization when you enable required use of two-factor authentication, they'll receive an email notifying them that they've been removed. They should then enable 2FA for their personal account, and contact an organization owner to request access to your organization.
 
 ## Further reading
 

diff --git a/...two-factor-authentication-2fa/changing-your-two-factor-authentication-method.md b/...two-factor-authentication-2fa/changing-your-two-factor-authentication-method.md
@@ -9,7 +9,9 @@ redirect_from:
   - /authentication/securing-your-account-with-two-factor-authentication-2fa/changing-two-factor-authentication-delivery-methods-for-your-mobile-device
   - /authentication/securing-your-account-with-two-factor-authentication-2fa/changing-your-preferred-two-factor-authentication-method
 versions:
-  feature: 2fa-reconfiguration-inline-update
+  fpt: '*'
+  ghes: '*'
+  ghec: '*'
 topics:
   - 2FA
 shortTitle: Change 2FA method

diff --git a/...or-authentication-2fa/configuring-two-factor-authentication-recovery-methods.md b/...or-authentication-2fa/configuring-two-factor-authentication-recovery-methods.md
@@ -26,7 +26,7 @@ In addition to securely storing your two-factor authentication (2FA) recovery co
 
 To keep your account secure, don't share or distribute your recovery codes. We recommend saving them with a secure password manager.
 
-If you generate new recovery codes or disable and re-enable 2FA, the recovery codes in your security settings automatically update.{% ifversion 2fa-reconfiguration-inline-update %} Reconfiguring your 2FA settings without disabling 2FA will not change your recovery codes.{% endif %}
+If you generate new recovery codes or disable and re-enable 2FA, the recovery codes in your security settings automatically update. Reconfiguring your 2FA settings without disabling 2FA will not change your recovery codes.
 
 {% data reusables.user-settings.access_settings %}
 {% data reusables.user-settings.security %}

diff --git a/...unt-with-two-factor-authentication-2fa/configuring-two-factor-authentication.md b/...unt-with-two-factor-authentication-2fa/configuring-two-factor-authentication.md
@@ -37,8 +37,9 @@ If you're a member of an {% data variables.enterprise.prodname_emu_enterprise %}
 {% endif %}
 
 > [!WARNING]
-> * If you're a member{% ifversion fpt or ghec %}, billing manager,{% endif %} or outside collaborator to a private repository of an organization that requires two-factor authentication, you must leave the organization before you can disable 2FA.
-> * If you disable 2FA, you will automatically lose access to the organization and any private forks you have of the organization's private repositories. To regain access to the organization and your forks, re-enable two-factor authentication and contact an organization owner.
+> * If you're an outside collaborator to a private repository of an organization that requires 2FA, you must leave the organization before you can disable 2FA.
+> * If you're a member{% ifversion fpt or ghec %} or billing manager{% endif %} of an organization that requires 2FA, you will be unable to access that organization's resources while you have 2FA disabled.
+> * If you disable 2FA, you will automatically lose access to the organization. To regain access to the organization, if you're a member{% ifversion fpt or ghec %} or billing manager{% endif %}, you must re-enable 2FA. If you're an outside collaborator, you will also lose access to any private forks you have of the organization's private repositories after disabling 2FA, and must re-enable 2FA and contact an organization owner to have access restored.
 
 {% ifversion 2fa-reconfiguration-inline-update %}
 

diff --git a/...entication-2fa/disabling-two-factor-authentication-for-your-personal-account.md b/...entication-2fa/disabling-two-factor-authentication-for-your-personal-account.md
@@ -37,15 +37,12 @@ To remove yourself from your organization:
 
 {% data reusables.user-settings.access_settings %}
 {% data reusables.user-settings.security %}
-{% ifversion 2fa-reconfiguration-inline-update %}
+
 1. Hover over **Enabled**, then click **Disable**.
 
    ![Screenshot of an account's 2FA settings. A green button labeled "Enabled" is outlined in orange.](/assets/images/help/2fa/disable-two-factor-authentication.png)
 
 1. If necessary, enter your password or perform 2FA once more to disable 2FA for your {% data variables.product.prodname_dotcom %} account.
-{% else %}
-1. Click **Disable**.
-{% endif %}
 
 ## Further reading
 

diff --git a/...nization/preparing-to-require-two-factor-authentication-in-your-organization.md b/...nization/preparing-to-require-two-factor-authentication-in-your-organization.md
@@ -16,11 +16,13 @@ shortTitle: Prepare to require 2FA
 ---
 We recommend that you notify {% ifversion fpt or ghec %}organization members, outside collaborators, and billing managers{% else %}organization members and outside collaborators{% endif %} at least one week before you require 2FA in your organization.
 
-When you require use of two-factor authentication for your organization, members, outside collaborators, and billing managers (including bot accounts) who do not use 2FA will be removed from the organization and lose access to its repositories. They will also lose access to their forks of the organization's private repositories.
+When you require use of two-factor authentication for your organization, outside collaborators (including bot accounts) who do not use 2FA will be removed from the organization and lose access to its repositories. They will also lose access to their forks of the organization's private repositories.
+Members and billing managers will retain membership but not be able to access your organization resources until they enable 2FA.
 
 Before requiring 2FA in your organization, we recommend that you:
+
 * Enable 2FA on your personal account. For more information, see "[AUTOTITLE](/authentication/securing-your-account-with-two-factor-authentication-2fa)."
 * Ask the people in your organization to set up 2FA for their accounts
 * See whether users in your organization have 2FA enabled. For more information, see "[AUTOTITLE](/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/viewing-whether-users-in-your-organization-have-2fa-enabled)."
 * Enable 2FA for unattended or shared access accounts, such as bots and service accounts. For more information, see "[AUTOTITLE](/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/managing-bots-and-service-accounts-with-two-factor-authentication)."
-* Warn users that once 2FA is enabled, those without 2FA are automatically removed from the organization.
+* Warn users that once 2FA is enabled, outside collaborators without 2FA are automatically removed from the organization, and members and billing managers will not be able to access your organization resources until they enable 2FA.