ArtIT Wiki

User Tools

Site Tools

Trace: 2fa_nextcloud_adjustments
2fa_nextcloud_adjustments

DISABLE 2FA IN NEXTCLOUD

If you cannot login or lost your back-up codes for TOTP in Nextcloud, you can disable it by editing the SQL database.

Follow these steps: 

 mysql -u root -p

Enter your passsword and list the database you have nextcloud installed in with 

 show databases;

Go into your database name (in this case nextclouddb) by typing: 

 use nextclouddb;

Find the table with passwords for TOTP with: 

 select * from oc_twofactor_providers;

It will show a the table like this: 

 +----------------------------------+-------------+---------+
| provider_id                      | uid         | enabled |
+----------------------------------+-------------+---------+
| backup_codes                     | user1       |       0 |
| backup_codes                     | user2       |       1 |
| ...                              | ...         |     ... |
| totp                             | user1       |       1 |
| totp                             | user2       |       1 |
| ...                              | ...         |     ... |
| twofactor_nextcloud_notification | user1       |       0 |
| twofactor_nextcloud_notification | user2       |       0 |
| ...                              | ...         |     ... |
| u2f                              | user1       |       0 |
| u2f                              | user2       |       0 |
| ...                              | ...         |     ... |  
+----------------------------------+-------------+---------+

Change the value in “enabled” of a user you want in “uid” of the “provider_id” “totp” from 1 to 0 to disable the TOTP authentication in Nextcloud by typing: 

 update oc_twofactor_providers set enabled='0' where uid='user2' and provider_id='totp';

After this change your good to login without 2FA for that selected user. If you like to enable 2FA again for a particular user just enable the value with '1' by typing: 

 update oc_twofactor_providers set enabled='1' where uid='user2' and provider_id='totp';

Tip:

you also can change the secrets are make it a identical code for all users in this table: 

+----+---------+----------------------------------------+-------+--------------+
| id | user_id | secret                                 | state | last_counter |                                                                                                                                                                                                         
+----+---------+----------------------------------------+-------+--------------+
|  1 | user1   | WQSXCDEOTKGVMB                         |     2 |     34321134 |
|  2 | user2   | POIJELKAJSDIFJ                         |     2 |     34321134 |
|  3 | user3   | LKAJDFOIJEJLKL                         |     2 |     34321134 |
|  4 | user4   | ALSKDJFIKOEJLF                         |     2 |     34321134 |
|  5 | user5   | KJALKENEODKJLK                         |     2 |     34321134 |
+----+---------+----------------------------------------+-------+--------------+

List the table by typing 

select * from oc_twofactor)totp_secrets;

Update the users with a particular code of another user by typing: 

insert into oc_twofactor_totp_secrets (id, user_id, secret, stat, last_counter (values(2,'user2,'POIJELKAJSDIFJ',2,34321134;



Enjoy,

Your ArtIT Team

BACK

2fa_nextcloud_adjustments.txt · Last modified: 2021/07/13 18:45 by chris