1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

XF 1.5 Here is my story...

Discussion in 'Troubleshooting and Problems' started by Chris57, Nov 12, 2015.

  1. Chris57

    Chris57 Member

    I have the 2 step activation thing... It is on my staff account. I got a new phone which made me lose the verification app and code generator... How do I get the backup code or get back the generator?
     
  2. Kevin

    Kevin Well-Known Member

    The app is available for Android, iOS, and Blackberry -- Assuming your new phone is one of them, have you installed the app and logged into the app using the same account?

    Nevermind, I'm likely wrong. :barefoot:
     
    Last edited: Nov 12, 2015
  3. Brogan

    Brogan XenForo Moderator Staff Member

    You should have saved the backup codes before replacing your phone.

    You can disable it in config.php using:
    PHP:
    $config['enableTfa'] = false;
    Make sure you delete that after regaining access to your account.
     
  4. Chris57

    Chris57 Member

    How do I even log into my account for the app?
     
  5. Chris57

    Chris57 Member

    Please note I lack intelligence for anything involving code or programming.
     
  6. Brogan

    Brogan XenForo Moderator Staff Member

    That is your only option for regaining access to your account.
     
  7. Chris57

    Chris57 Member

    Can you please tell me what 2 do?
     
  8. Brogan

    Brogan XenForo Moderator Staff Member

    Edit the library/config.php file as explained above.
     
  9. Chris57

    Chris57 Member

    I am severely dumb... Step one?
     
  10. Brogan

    Brogan XenForo Moderator Staff Member

    I suggest employing the services of a sysadmin if you lack even the basic knowledge to edit a file.
     
  11. Chris57

    Chris57 Member

    No need to get agitated... Can you please explain to me what I should do.
     
  12. Martok

    Martok Well-Known Member

    1. Use an FTP program to download the config.php file which is found in the library folder of your XenForo installation.
    2. Edit the file using a program such as Notepad++ (do not use Notepad in Windows)
    3. Add the code that Brogan gave you, then save the file
    4. Upload the config.php file back to the library folder
     
  13. Kevin

    Kevin Well-Known Member

    From the perspective of an Android phone user...

    Your phone is typically associated to an account (usually a Gmail account) that you are logged into. When the app is installed on an Android phone the logged in account on the phone is used (or you can choose a different account if you have multiple accounts configured but most people would have one account). When you create new verification codes within the Google Authenticator app it is associated to the account that was selected (or defaulted for most people as most people would only have one account on their phone). On your new phone if you associated the same account (again, for Android users it'd typically be a Gmail account) to the phone and then installed the Google Authenticator app again then I *think* that your previously configured verification accounts should appear.

    There is no web interface for Google Authenticator, only the phone apps. If you can't get to the app settings then your only alternative is to disable the 2FA option in XenForo itself as @Brogan and @Martok have described.


    Nevermind, I'm likely wrong. :barefoot:
     
    Last edited: Nov 12, 2015
  14. Jeremy P

    Jeremy P Well-Known Member

    @Kevin Are you sure? I don't use the Google Authenticator app anymore, but that certainly wasn't the case last I used it. And it seems like a security concern to have the 2FA secrets stored online and tied to a particular service.
     
  15. Kevin

    Kevin Well-Known Member

    I missed a step, you need to identify the phone is being migrated but, yes, you can migrate your settings to a new device.

    http://www.cnet.com/how-to/how-to-move-google-authenticator-to-a-new-device/

    Nevermind, I'm likely wrong. :barefoot:
     
    Last edited: Nov 12, 2015
  16. Jeremy P

    Jeremy P Well-Known Member

    Those instructions are for moving your Google account 2FA to a new phone, it doesn't include any external services. I've used it quite a few times myself, it's functionally the same as this page in XenForo.

    In either case, with both Google and XF, you have to be able to login to the account to make the change, which you would do either by signing in from a trusted device or using a backup code.
     
  17. Kevin

    Kevin Well-Known Member

    If/when I lose/replace my phone I'll let you know how it went. In the interim XF admin's can simply disable 2FA pretty easily in a worst case scenario.
     
    Jeremy P likes this.
  18. Jeremy P

    Jeremy P Well-Known Member

    As per my edit, I've replaced 3 phones over the course of using 2FA. Google doesn't sync the 2FA secrets with your account, and if it did I would use a different app because that seems unwise for security purposes.

    From the article you linked:

    [​IMG]

    I don't wish to be rude or anything, just trying to clarify. @Chris57 would have to use the config.php flag to restore access to his account if he can't log in.
     
  19. Kevin

    Kevin Well-Known Member

  20. Robust

    Robust Well-Known Member

    :ROFLMAO: You made my day.
     

Share This Page