Account email verification

Tier: Free, Premium, Ultimate
Offering: GitLab.com, GitLab Self-Managed, GitLab Dedicated

Account email verification provides an additional layer of GitLab account security. Email verification is required in the following situations:

Your account is locked due to multiple failed sign-in attempts.
Email-based one-time password (OTP) is enabled for your account.
You sign in from a new or untrusted IP address.

On GitLab Self-Managed and GitLab Dedicated, this feature is disabled by default. Use the application settings API to enable the require_email_verification_on_account_locked attribute.

For a demo, see Require email verification - demo.

To complete email verification, sign in to your account and enter the six-digit verification code sent to your primary email address. If you cannot access your primary email address, you can instead send the verification code to any of your secondary email addresses.

Verification codes expire after 60 minutes.

On GitLab.com, if you don’t receive a verification email, select Resend Code before you contact the support team.