Still need help disabling 2FA on my account

I am running NCP 19 on an Intel NUC.
Most things are working well. I have enabled 2FA on my account, and I can still log in.
I would like to disable 2FA on my account.

Note at no point have I set enforced 2FA to true, it is currently not set

Most of the instructions to disable 2FA refer to changing the enforcement rule. This does not actually disable for my account.

Thanks in advance!

You would need to disable it the same way you enabled it. It’ll be in your user settings.

https://docs.nextcloud.com/server/19/admin_manual/configuration_user/two_factor-auth.html?highlight=2fa

Hi,

In my case, I go to the /settings/user/security page, then I uncheck TOTP.

1 Like

Thanks guys,
I can go to settings > personal > security

And then disable email verification, and next cloud notification, but I cannot turn off the backup codes. So even when those two are turned off, I can then log in only with a backup code

I don’t use any of the other 2FA methods.

How do I turn off everything!?

Furthermore, the help documentation does not say anything about disabling 2FA for a user even by using the command line tools…

Hi,

Backup codes is not 2FA and can’t be disable. Don’t you have the option like in my screenshot?

I do have that option, and it is unticked. I can disable the TOTP app too, as well as all of the other 2FA apps and then it says the only way to log in is via a backup code.

No password is required?

What happens is I uncheck everything, log out, attempt to log back in with username and password and then it says that two factor is enabled and that the only option is to enter a backup code or contact the administrator.

I don’t have a screenshot so I did it all again just now, unchecked everything again right now, and it works (yay for it working), but frustrating that the behaviour has unexpectedly changed. I have experienced this for the last two months, including yesterday. No other settings have been changed - but then maybe something auto updated as those things are enabled … I don’t know.

Thanks for the assistance anyway and sorry for wasting your time, I’ll post again if it reoccurs.

OK, now I see exactly what happens, but I don’t know how to help you.
Maybe something risky : try to delete manually the entry of your user in “oc_twofactor_totp_secrets” table in your nc database but make a backup first.