Locked out with Yubi-Key-App

qwertzal · January 5, 2019, 1:51pm

Nextcloud version (14):
PHP version (7.2):

Dear all,

I made a big mistake: I have a single-user installation of Nextcloud on my webspace. And I locked myself out from Nextcloud with the Yubikey-App. Before logging out from Nextcloud, I deactivated the Yubikey-App. But the Two-Factor-Verification is still active.

So, if I want to log in now, I get the message that my Second-Factor-Authenification-Method could not be loaded.

Is there any method to deactivate the Two-Factor-Verification so tat I can access Nextcloud with onls my username and my password? Perhaps by modification of the mysql-tables?

Thank you so much for your help!

SISheogorath · January 5, 2019, 2:46pm

You can use the cli on your server to reset 2FA for your user. Go to the nextcloud directory on your webserver an then use the occ-CLI to disable it:

php ./occ twofactorauth:disable <uid>

(replace the <uid> with your username)

qwertzal · January 6, 2019, 5:48pm

Thanks a lot!

I need SSL for this, right? I have to ask my webhoster for it. (I worked only with the webinterface for the moment).

Can I simply replace with my Nextcloud-Log-In-Name? Or can there be a difference between my log-in-name and my username? Thanks again!

SISheogorath · January 12, 2019, 1:00pm

Yes, this should be your login name.

Since this has to run n the the same host as your Nextcloud instance (means you have to run it using the command line) there is no SSL involved.

qwertzal · January 12, 2019, 4:56pm

Thank you very much for your help. Everything worked out perfectly!

codekraft · September 1, 2019, 7:57pm

You can use the cli on your server to reset 2FA for your user. Go to the nextcloud directory on your webserver an then use the occ -CLI to disable it […]

Unfortunately this doesn’t work for me anymore.

$ occ twofactorauth:state constantin  
Two-factor authentication is enabled for user constantin

Enabled providers:
- backup_codes
- yubiotp
- totp
Disabled providers:
- u2f

When I try to disable yubiotp the following output is shown:

$ occ twofactorauth:disable constantin yubiotp
The provider does not support this operation.

Although :state show totp being an enabled provider when trying to disable it it says it wouldn’t exist.

$ occ twofactorauth:disable constantin totp   

In ProviderManager.php line 54:
                                       
  The provider 'totp' does not exist'

I’m using Nextcloud 16.4.