XF 2.2 Login two steps

R

Robert9

Well-known member
Today my system told me to login with two steps.
I checked permission and the two steps are set to none.
Any idea how this is possible?
 
Sort by date Sort by votes
Robert9 said:
Today my system told me to login with two steps.
I checked permission and the two steps are set to none.
Any idea how this is possible?
Click to expand...
Probably need more details here.
2FA just doesn't enable itself on its own.
Check your permissions with the analyzer and of course, check your personal account settings.

And I guess it's worth mentioning, but any other security setup anywhere that would invoke a 2-step login?
 
Upvote 0 Downvote
The problem is still existing, but it is the IPad where I have to enter the 2FA, not the PC where I work.
Is there any addon with a function like: Ask for 2FA if not same login like normal? Or is it the cookie on the IPad, that directs the 2FA?
 
Upvote 0 Downvote
Robert9 said:
The problem is still existing, but it is the IPad where I have to enter the 2FA, not the PC where I work.
Is there any addon with a function like: Ask for 2FA if not same login like normal? Or is it the cookie on the IPad, that directs the 2FA?
Click to expand...
I think I answered this already, you need to check your account settings here ../account/two-step/ -- is it set for 2FA or not?
When you enable 2FA in Xenforo, you have to authenticate each device...
1697696339546.png
If you check this box, you don't need to use 2FA again for 30 days. (this is default XF functionality without any addons)
Each browser/device you use would need to be authenticated.

If you don't have 2FA enabled on your account, then you've got something else going on.
 
Upvote 0 Downvote
Group admin:
2FA: NEVER

Group user
2FA: Now


Check permissions:

No!
Admin: Never
User: No


Check config! (could have $config['enableTfa'] = true;)

Code: 
$config['superAdmins'] = '1';
$config['fullUnicode'] = true;
$config['enableListeners'] = '1';


Check mysql

xf_user_option.use_tfa set to 1

Check users/admin.1/edit

found tfa aktivated

I have never touched this here!



Only explaination could be:

$config['enableTfa'] = true;
was set last week for five minutes.

This would mean that temporary settings here changes the setting of admin options?
 
Last edited:
Upvote 0 Downvote
Robert9 said:
This would mean that temporary settings here changes the setting of admin options?
Click to expand...
No.

$config['enableTfa'] = true; - This is the default setting and the only time you would put this in your config.php file is if you want to set it to $config['enableTfa'] = false; to disable 2FA globally. (used in emergency cases to gain access an account that is protected by 2FA).

If you have this...
1697706788200.png
...set to YES, then any account in that group would require 2FA to be used.

In ALL other circumstances, the user has to configure 2FA themselves if they so choose to if the 2FA system is enabled (default setting is yes)

The remaining factor is this setting: ../admin.php?options/groups/acp/
1697706934086.png
If you login to the ACP, this setting could be placed to require any administrators with ACP access, to login via 2FA.
 
Upvote 0 Downvote
You must log in or register to reply here.

Similar threads

H
  • Solved
XF 2.3 I Can't Cancel Two-Step Verification
2
Replies
22
Views
125
htsumer
H
alexm
  • Question Question
XF 2.2 How do I find the number of users with Two-step verification enabled?
Replies
5
Views
52
alexm
alexm
craigForo
  • Solved
XF 2.3 Two-step verification required
Replies
2
Views
66
craigForo
craigForo
Jkay
  • Question Question
XF 2.2 Users Batch update, Require two-step verification
Replies
4
Views
91
Jkay
Jkay
Wanji
  • Solved
XF 2.2 You must enable two-step verification to access the control panel
Replies
10
Views
280
Wanji
Wanji
Back
Top Bottom