• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

Disable Two-Step Verification (config.php)

Allan

Well-known member
#1

Chris D

XenForo developer
Staff member
#4
Don't enable it then.

I must stress that this config switch should only be used in extreme cases whereby you have locked yourself out of the forum.

Allan, the only way the prompt will come up for each log in is if it is configured to or if you haven't trusted the device you are using. I have 2FA enabled everywhere (including locally) and I only need the 2nd factor if I use a different machine, or the trust period has expired. Also, if you don't want to use 2FA, why have you even activated it? Just go to the Two Step page and disable it. If you haven't set it up and it is forcing you to enable 2FA then that is almost certainly a permission or configuation issue.

If you need assistance with the configuration and it isn't working as expected, debugging that is the best thing to do - not obliterate it for no reason. You should seek assistance for that in the relevant forum.
 

Mike

XenForo developer
Staff member
#5
I would reiterate what @Chris D said, with an extra emphasis: if you are receiving a prompt requiring your to enable 2FA, run analyze permissions to determine if the permission has been enabled and where. This permission is never automatically enabled so it should only occur if you have explicitly (if accidentally) enabled it. If you're sure you didn't do that (or you can't find where the permission has been enabled from), we want to know about it to try to debug it.
 

Fred.

Well-known member
#7
I notice that 95% of the admins that want to disable Two-Step Verification don't know how it works. And apparently they don't want to spend 5 minutes to find out how it works to make their forum more secure for all their members.
They don't know you don't have to use it if you don't want to use it. It's Optional. That means everyone can choose if they want to enable it or not.

You don't have to use it yourself if you don't want, but for god's sake don't disable the whole Two-Step Verification for everyone!

If you disable Two-Step Verification your not worth the name "admin"! (n)
And I'm pretty sure more people here think the same.
 

Zynektic

Well-known member
#8
I cannot agree more Fred.!

Just because some users do not like it...they do not need to activate it and count as a whole. If you disable it as the site owner just because it bugs you then you are putting your members at risk by not allowing them security.

Whilst I can understand some people may do it by -accident- that being, not sure what they are doing such as an elderly person so enabling it and can lock themselves out, you can resolve it quickly and you should make a post of some form explaining the feature and how it benefits them in the first place.
 
#12
Question guys,

I have disabled it everywhere that I can find it.
Yet, it still asks for the email confirm at log in, then asks for it again at admin panel

I have went thru all group permissions disabling it for now,
Have went thru current users and disabled it for now,

New setup, just trying to get stuff built on the admin side, and it continues to ask for that verification as I move around

Please advise,
TIA
 

zoldos

Well-known member
#13
I'm not exactly sure what you mean here. "E-mail confirm"? Is it asking you to enter a code from your mobile device?
 

Brogan

XenForo moderator
Staff member
#14
Yet, it still asks for the email confirm at log in, then asks for it again at admin panel
I have responded to your ticket concerning 2FA but this doesn't sound like it is related to that.

and it continues to ask for that verification as I move around
It sounds to me like you are being logged out, possibly due to your IP address changing and/or server configuration.
 
#15
Thanks guys,

By email confirm, that is the 2nd part of the 2 step I am referring to, sorry. Where by email it sends the activation code.

Thank you, but I am on a fixed IP.

Let's ask a different question that was referred to earlier in this thread, as I appreciate the why regarding the 2 step.

"Is it possible to turn off the 2 step for Admin/Moderator personnel?" or is that a program requirement?

I appreciate that members can opt in and out, but can Admin opt in and out of it? Reason I ask, is even with all boxes unchecked, it still requires the 2 step, or it will provide a message that states 'must have 2 step enabled to view x' as I move around as logged in admin.

Thanks again!
 

zoldos

Well-known member
#16
As far as I know, 2 step verification can easily be enabled/disabled via usergroup permission. If not, you may have a buggy install.
 
#17
Hi guys and thanks for the help,

I went with the nuclear option to start, ie remove it, until I had time to mess with it any further.
Was building and setting up the website and noticed other curious things.

One of the first things I had done was setting the permissions for the different member levels. Yet, not following the manual, I had areas in 'registered users' for instance checked as 'never' rather than 'not set/no'. When I had those set in the never category, there were no mod tools under thread tools. When I read the manual regarding permissions, went back and reset the permissions to include the 'not set/no', then the mod tools appeared and so on. Effectively, I ran into the situation where the 'never' category was affecting other items unrelated to the item being set to 'never' on the website. So that was my bad there. The laws of unintended consequences and all that.

Then I started wondering if that was why the issues were occurring on the 2 step. When I get more time, I will reinstate the 2 step, then check to see that it is operating as intended and earlier stated by others.

Thanks again guys,

Much appreciate the assist,
 
#18
Wait so like this?

<?php $config['enableTfa'] = false;



$config['db']['host'] = 'troll';

$config['db']['port'] = 'troll';

$config['db']['username'] = 'troll';

$config['db']['password'] = 'troll';

$config['db']['dbname'] = 'troll';





$config['superAdmins'] = '2';