XF 1.5 Can't login to my forum with 2FA after iOS upgrade failed on my iPhone

fredrikse · Dec 4, 2022

Hi, I've been running an Xenforo forum for many years and I never imagined I could lock myself out of my own forum. But that's what happened a while back when an iOS upgrade failed on my iPhone.

Before I upgraded the iPhone I made sure I had a fresh backup. And when the upgrade failed due to disruptions in the Internet connection I restored the fresh backup successfully.

But when I tried to login to my forum with my admin account I was not successful. Apparently my forum connection in the Microsoft Authenticator App was not restored when I restored the iOS backup. Therefore I could not complete the login in with 2FA, which is set to be my default login method.

My question now is how I can gain access again to the forum with my admin account? I would like to disable 2FA somehow to allow myself to login with only my password.

I have read and write permissions on the database itself. I think I'm running version 1.5. I guess I can verify that by running a query in the database?

Thanks in advance for any suggestions.

AndyB · Dec 4, 2022

Add this to your config.php file:

$config['enableTfa'] = false;

Tracy Perry · Dec 4, 2022

fredrikse said:
But when I tried to login to my forum with my admin account I was not successful. Apparently my forum connection in the Microsoft Authenticator App was not restored when I restored the iOS backup. Therefore I could not complete the login in with 2FA, which is set to be my default login method.

As explained... you can turn 2FA off...
But suggestion... look for a 2FA app that will back up (encrypted) your credentials either to iCloud or a server they run (like Authy does, but it's broke for my QR codes and they are aware of an issue with it). I currently use 2FAS, as it backs up encrypted to iCloud, and upon a restore you get your data back.
I am also using @digitalpoint's add-on and have 2 YubiKeys set up to work.

Muddy Boots · Dec 4, 2022

@digitalpoint's add-on and YubiKey as well - with backup codes......

ronald mcdonald yes GIF by McDonald's CZ/SK

fredrikse · Dec 4, 2022

Thanks for all suggestions so far.

AndyB said:
Add this to your config.php file:

$config['enableTfa'] = false;

I assume this will effect all users? Is there a way to disable it for a specific user?

Tracy Perry said:
As explained... you can turn 2FA off...
But suggestion... look for a 2FA app that will back up (encrypted) your credentials either to iCloud or a server they run (like Authy does, but it's broke for my QR codes and they are aware of an issue with it). I currently use 2FAS, as it backs up encrypted to iCloud, and upon a restore you get your data back.
I am also using @digitalpoint's add-on and have 2 YubiKeys set up to work.

Will definitely look for a different app going forward that back up credentials properly.

Brogan · Dec 4, 2022

Edit the config file to add the line.

Log in and update 2FA for your account.

Edit the config file again to remove the line.

Tracy Perry · Dec 4, 2022

fredrikse said:
I assume this will effect all users? Is there a way to disable it for a specific user?

Yes, it is global...
And yes, if a specific user has it enabled and has the same issue and contacts you via the Contact Us link, you can disable it in their user profile as long as you have ACP access.

Screen Shot 2022-12-04 at 3.51.58 PM.png

fredrikse · Dec 5, 2022

Brogan said:
Edit the config file to add the line.

Sounds like this is the way to do it then. And when I enable the 2FA setting again in the config file all existing users with 2FA activated will be able to use this login method again?

Brogan said:
Log in and update 2FA for your account.

When I have managed to login, should I just remove 2FA on my account as the preferred login method?

Tracy Perry said:
And yes, if a specific user has it enabled and has the same issue and contacts you via the Contact Us link, you can disable it in their user profile as long as you have ACP access.

In order to have ACP access I guess I need to be able to login? That's not the case right now with the 2FA issue. Is there a query that I can run for a specific user to disable 2FA?

bzcomputers · Dec 5, 2022

fredrikse said:
Is there a query that I can run for a specific user to disable 2FA?

No, that wouldn't be a good way to do it.

Two scenarios:
1) You (an admin) is locked out of 2FA: Add this to your config.php file: $config['enableTfa'] = false; then login as admin and under your specific account, disable and re-enable 2FA with a new 2FA authentication. Then reenable the 2FA option sitewide by removing the line above from config.php.

2) A member/user is locked out: As an admin you can go in and disable 2FA under their specific account. Then they can reenable at later time with a new authentication.

fredrikse · Dec 28, 2022

In what folder of the installation directory will I find the config file? I found one in the library folder but I'm not sure if it is the correct one.

Brogan · Dec 28, 2022

That is correct for XF1.

fredrikse · Dec 29, 2022

Brogan said:
That is correct for XF1.

Great. And if $config['enableTfa'] = false; is not present, I can just append it to the config file?

AndyB · Dec 29, 2022

fredrikse said:
Great. And if $config['enableTfa'] = false; is not present, I can just append it to the config file?

Correct.

FTL · Jan 4, 2023

@fredrikse did you manage to log back in?

XF 1.5 Can't login to my forum with 2FA after iOS upgrade failed on my iPhone

fredrikse

Active member

bzcomputers

AndyB

Well-known member

Tracy Perry

Well-known member

Muddy Boots

Well-known member

fredrikse

Active member

Brogan

XenForo moderator

Tracy Perry

Well-known member

fredrikse

Active member

bzcomputers

Well-known member

fredrikse

Active member

Brogan

XenForo moderator

fredrikse

Active member

AndyB

Well-known member

FTL

Well-known member

Similar threads

We value your privacy