ASF account management

Your ASF account

Committers to Apache Software Foundation projects and ASF Members have personal accounts to facilitate their work and communications.

Your Apache email address

Your account includes an Apache email address which is usually You can link that mailbox to a personal email address so you can receive mail frp, your Apache address and send mail with your Apache address as the "from" address. See Committer email.

Managing your account details

Log in to Whimsy and, in the Available to Committers section, click Your personal details. You can update any information in blue by double-clicking it and making the necessary changes in the form that appears.

Regaining access to your committer account

If you forgot your password, try...

  1. to reset it at That will email to your address (which forwards to your non-apache email account) a short-lived password reset link. The link may be encrypted to your PGP key.
  2. decrypting the e-mail - one way to do this is to save the e-mail contents as a text file, e.g. password.txt. Open a shell command window, and run the following command:
gpg -d password.txt</code>

This should decrypt the file and display the output in the window.

  1. If you have lost access to your registered email address, file an additional ICLA with Secretary. Follow the directions for submitting an ICLA. Include your current Apache ID and mention in your cover email that you are requesting a change to your email address.

  2. If that didn't work, email root@. In your email, mention the following information:

  • Your username.
  • The fact that you have tried a self-service password reset, and why it didn't work. (Was the mail received? Did you decrypt it successfully?)
  • Why you need to regain access to your Apache account -- e.g., if it is to work on a foundation project, name that project; or if you are a foundation member, state that.
  • Whether you have SSH access to or to a PMC jail/zone/VM via public-key authentication.
  • Whether you ever set up OPIE on any * box. (This is only applicable to people who had root permissions on PMC VMs.)
  • Whether you have access to the private part of a PGP key associated with your Apache account.
  • Whether the contact information on your ICLA is valid.
  • For (ASF Members only, whether the contact information in your members.txt entry is valid.
  • Whether you are able to send a new ICLA, with the same signature as your original one, which specifies new contact information.
  • Whether there is any other way in which we (infra) might satisfy ourselves that you are the legitimate owner of that account.

Note: please do not ask other ASF committers or Members to email root@ to vouch for you.

Two Factor Authentication

Infra provides two-factor authentication (2FA) for account logins via the Apache OAuth System. You can opt to enable it, however, note that, if you enable @FA, you cannot later disable it.

The documentation for ASF 2FA is here.

Note: If you are using GitHub, you must also use GitHub's 2FA, which is separate from the Apache 2FA. If you are having trouble logging in to GitHub (or some other service) or to Apache, make sure you are using the correct entries for the 2FA in question.

Copyright 2023, The Apache Software Foundation, Licensed under the Apache License, Version 2.0.
Apache® and the Apache feather logo are trademarks of The Apache Software Foundation...