[No QA] Update Two-Factor-Authentication.md

[jliexpensify]

Resource Updates for Expensify/Expensify#626857 (Classic)

Just changed the following:

• New file name
• Noted that after May 2026, Recovery Codes are automatically downloaded

[jliexpensify]

@stephanieelliott curious if you think we need to change the May 2026 sentence? I think it's important to make that distinction because users enabling 2FA before May 2026 won't get that automated download - but happy to defer to your thoughts here!

[github-actions]

HelpDot Documentation Review

Overall Assessment

This PR updates the Two-Factor Authentication article for Expensify Classic to reflect a product change: 2FA recovery codes are now automatically downloaded rather than manually copied/downloaded by the user. The changes are limited to two sections -- a procedural step and an FAQ answer. The update is straightforward and accurately communicates the new behavior.

Scores Summary

• Readability: 7/10 - The updated steps are clear, but step 4's sub-bullet beginning with "However, we also recommend..." reads more like a disclaimer than an actionable instruction. Procedural steps should be action-oriented per the authoring guidelines.
• AI Readiness: 7/10 - The changes themselves are fine for retrieval, but the YAML keywords array still includes "backup codes" while the article body now exclusively uses "Recovery Codes." This terminology mismatch may hurt search/retrieval accuracy. (Note: the missing internalScope field is a pre-existing gap, not introduced by this PR.)
• Style Compliance: 7/10 - "Recovery Codes" capitalization should be verified against the actual UI label. If the UI displays "Recovery Codes" with that exact casing, this is correct. The removal of the bold Download and Copy button references is appropriate if those buttons no longer exist in the updated UI.

Key Findings

• The terminology shift from "backup codes" to "Recovery Codes" is applied consistently within the changed lines, which is good. However, the keywords field in the YAML frontmatter still references "backup codes" -- this should be updated to include "recovery codes" to maintain search alignment.
• Step 4 could be more action-oriented. Currently it reads as a passive statement ("Your Recovery Codes will be automatically saved...") followed by a recommendation sub-bullet starting with "However." Consider restructuring to lead with the user action, e.g., a recommendation to verify the download location or store codes securely.
• The FAQ answer cleanly explains the date-conditional behavior ("after May 2026"), which is helpful for users on both old and new flows.
• The new filename DO-NOT-DELETE_Expensify-2FA-RecoveryCodes is properly formatted in backtick code style.

Recommendations

1. Update YAML keywords: Add "recovery codes" to the keywords array and consider whether "backup codes" should be retained for backward search compatibility.
2. Verify UI terminology: Confirm "Recovery Codes" matches the exact capitalization shown in the product UI, per the Naming Conventions governance.
3. Strengthen step 4: Consider making the sub-bullet more action-oriented, e.g., "Copy and store them in a secure location as a backup" rather than leading with "However."
4. Minor style note: The phrase "onto the computer or device where two-factor authentication was set up" in step 4 is somewhat verbose. Consider simplifying to "to your device" for conciseness.

Files Reviewed

• docs/articles/expensify-classic/settings/Two-Factor-Authentication.md -- Terminology updated from "backup codes" to "Recovery Codes"; procedural step 4 and one FAQ answer revised to reflect automatic download behavior.

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: ade8aa7cff

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

[OSBotify]

A preview of your ExpensifyHelp changes have been deployed to https://14fa86bb.helpdot.pages.dev ⚡️

Updated articles:

• articles/expensify-classic/settings/Two-Factor-Authentication

[stephanieelliott]

@stephanieelliott curious if you think we need to change the May 2026 sentence? I think it's important to make that distinction because users enabling 2FA before May 2026 won't get that automated download - but happy to defer to your thoughts here!

I agree with you @jliexpensify! Let's ignore that one

[stephanieelliott]

@jliexpensify give me a bump when this one is ready for review!

[jliexpensify]

@stephanieelliott both the 2FA PR's are good for a review!

[stephanieelliott]

Nice! Merging this one

[melvin-bot]

@stephanieelliott looks like this was merged without a test passing. Please add a note explaining why this was done and remove the Emergency label if this is not an emergency.

[github-actions]

Step formatting violation (HELP_AUTHORING_GUIDELINES.md Section 5): Numbered steps must be action-oriented — they should instruct the user to do something. This step is a passive statement ("Your Recovery Codes will be automatically saved...") rather than a user action.

Consider rewriting as an action, e.g.:
4. Save your Recovery Codes, which are automatically downloaded to the computer or device where two-factor authentication was set up.

Also: "Recovery Codes" is capitalized here and on line 81, but the rest of the article (lines 27, 40, 61) uses lowercase "recovery codes." Please ensure consistent casing that matches the UI exactly (per HELPSITE_NAMING_CONVENTIONS.md Core UI Referencing Rules).

[github-actions]

Readability / structure: Starting a sub-step with "However" is awkward and weakens the instruction. Since this is the only sub-bullet, the colon + single-item list structure on line 20 is unnecessary. Consider folding this into the main step as a direct recommendation, e.g.:

4. Save your Recovery Codes, which are automatically downloaded to your device. We recommend also copying and storing them in a separate secure location.

[github-actions]

Readability: "As long as you set up 2FA after May 2026" is time-sensitive language that will become outdated and confusing for future readers. HelpDot articles should use durable, evergreen phrasing. Consider removing the date qualifier or rephrasing to something like: "Recovery Codes are automatically added to your device's Downloads folder under the file name DO-NOT-DELETE_Expensify-2FA-RecoveryCodes." If a historical note is truly needed, move it to a less prominent position.

[github-actions]

HelpDot Documentation Review

Overall Assessment

This PR updates the Two-Factor Authentication article for Expensify Classic to reflect a product change: Recovery Codes are now automatically downloaded rather than requiring the user to manually click Download or Copy. The changes are small (5 additions, 4 deletions) and limited to one file. The updates are factually aligned with the new product behavior and improve accuracy.

Scores Summary

• Readability: 7/10 - The updated step 4 is slightly awkward. "Your Recovery Codes will be automatically saved onto the computer or device where two-factor authentication was set up:" reads as a statement rather than an actionable step, and the sub-bullet starting with "However" feels disjointed in a numbered step sequence. The FAQ update is clear and well-structured.
• AI Readiness: 9/10 - The changes maintain proper terminology ("Recovery Codes", "two-factor authentication"), use the feature name consistently, and the FAQ heading already follows question-based format. No metadata changes were needed for this scope of update.
• Style Compliance: 8/10 - Terminology is consistent ("Recovery Codes" is capitalized throughout the diff, matching the updated product language). Minor issues: the old term "backup codes" still appears elsewhere in the unchanged file (line 4 keywords, line 27), but since those are outside the diff scope, they are not scored here. Within the diff, "two-factor authentication" in step 4 is lowercase while the UI toggle referenced earlier in step 3 uses title case -- this inconsistency is worth noting.

Key Findings

• The shift from "backup codes" to "Recovery Codes" in the changed lines aligns with updated product terminology, which is positive for consistency.
• Step 4 no longer reads as an action the user takes -- it is now a passive statement ("Your Recovery Codes will be automatically saved"). Per the Step Formatting Standard (Section 5 of HELP_AUTHORING_GUIDELINES.md), steps should be "action-oriented." Consider rephrasing to something like: "Wait for your Recovery Codes to download automatically to your device." or simply note the auto-download behavior before/after the numbered steps rather than as a step itself.
• The sub-bullet "However, we also recommend copying and storing them in a secure location." uses "we" which introduces a first-person voice. Consider rephrasing to: "Copy and store them in a secure location as a backup."
• The FAQ update ("As long as you set up 2FA after May 2026...") provides a clear temporal boundary, which is helpful for users.

Recommendations

1. Rephrase step 4 to be action-oriented rather than a passive statement. For example: "Wait for your Recovery Codes to download automatically, then copy and store them in a secure location."
2. Remove "However, we also recommend" -- drop the first-person "we" and the hedging word "However." A direct instruction is clearer and aligns with the deterministic writing rule.
3. Minor consistency check: Within step 4, "two-factor authentication" is lowercase; confirm this matches the UI label exactly. If the UI shows "Two-factor authentication" or "Two-Factor Authentication," match it.

Files Reviewed

• docs/articles/expensify-classic/settings/Two-Factor-Authentication.md -- Updated step 4 (auto-download of Recovery Codes) and FAQ answer (new file name and May 2026 behavior change). Changes are accurate but step formatting could be tightened.

Review based on docs/HELP_AUTHORING_GUIDELINES.md, docs/HELPSITE_NAMING_CONVENTIONS.md, and docs/TEMPLATE.md governance standards.

[OSBotify]

🚀 Deployed to staging by https://github.com/stephanieelliott in version: 9.3.80-0 🚀

platform	result
🕸 web 🕸	success ✅
🤖 android 🤖	success ✅
🍎 iOS 🍎	success ✅

Bundle Size Analysis (Sentry):

• Android
• iOS

[OSBotify]

🚀 Deployed to production by https://github.com/luacmartins in version: 9.3.81-2 🚀

platform	result
🕸 web 🕸	success ✅
🤖 android 🤖	success ✅
🍎 iOS 🍎	success ✅