How to enable 2FA on Bugzilla@Mozilla
- Sign in to your Bugzilla@Mozilla account.
- Open Account settings → Security (the exact path varies; see the official docs link above).
- Choose your preferred method from the list — TOTP and hardware keys are the recommended options.
- For TOTP: scan the QR code with Kaito or your authenticator app of choice. Verify the first 6-digit code before saving.
- Save the recovery codes somewhere safe — they're your last resort if you lose your authenticator and your hardware keys.
Sharing Bugzilla@Mozilla 2FA with a team (with Kaito)
Kaito gives you a vault for shared TOTP and a real-time inbox for shared SMS, with per-token group permissions and an audit log on every code view. To share Bugzilla@Mozilla access with your team:
- In Kaito, go to Tokens → New and add the Bugzilla@Mozilla 2FA seed (or scan the QR).
- Permission the token to a group:
code-onlyfor most teammates,full-seedonly for the admins who would handle rotation. - Stream the audit log to your SIEM if you want a complete record of which team members generated codes for Bugzilla@Mozilla and when.
Note: Bugzilla@Mozilla's terms on account sharing are unclear or grey-area. Many teams share access in practice; doing so via Kaito gives you a clean audit trail if it ever becomes a question.
Frequently asked questions
Does Bugzilla@Mozilla support 2FA?
Yes. Bugzilla@Mozilla supports 2FA via Custom app, TOTP.
What is the most secure 2FA method for Bugzilla@Mozilla?
TOTP via an authenticator app is the most secure option Bugzilla@Mozilla currently supports.
Can I share Bugzilla@Mozilla 2FA with my team?
Bugzilla@Mozilla's terms on account sharing are grey-area. Many teams share access in practice; using Kaito gives you a clean audit trail if it ever becomes a question.
How long does it take to enroll Bugzilla@Mozilla 2FA in Kaito?
Under two minutes. Open the Bugzilla@Mozilla security settings, scan the QR code with Kaito's add-token flow, and verify the first generated code matches.