actually i am facing up with strange TOTP Problem in my Nextcloud instance.
A few months ago i had to reset my phone and i forgot where i backuped my backup codes. So i was unable to login in my administration account and i decided to disable totp for my admin user temporarely over the occ command. I tried to reenable totp for my user but i didn’t work. Now, months later, after upgrading to NC 13 it does not work after all.
I tried to disable, remove, reinstall and reenable the app but it did not work.
Steps:
Apps/TOTP disable
Apps/TOTP remove
Apps/TOTP enable
occ twofactorauth:disable administrator
occ twofactorauth:enable Administrator
What could be the Problem? Are there other steps for repairing?
Thanks in advance for any help.
I’m not sure however if clearing these tables will solve the problem or cause even more issues. It’s even possible that there is another table that I’m not aware of. With a good backup including a DB backup you could probably run some tests there.
I do think, that clearing those tables will effectively wipe the 2fa from your account. There is only one more possible table named oc_twofactor_u2f_registrations, but this is only present, if you installed the U2F app.
Also, be careful, if your admin account isn’t the only one who’s listed in the table, of course…
I’d also stop my NC instace prior to making such changes in the database.
I acted this way. My steps were:
Uninstalling TOTP
Removing TOTP
Dropping these two databases
Installing TOTP
Enabling and setting up in my admin account
finally reenabling now, seems to work. But i get an error, because of dropping the tables oc_twofactor_backupcodes and oc_twofactor_totp_secrets. The table with the backupcodes was not set up after reinstalling totp provider. So it seems to work but i can’t login.
I will now import my database backup of the backupcodes table and i hope it will work again. Thanks for your help guys.
Thank you for your last post. I used the same steps to recover from a backup. I think step 5 does not always work: some plugins requre the user to enable the 2fa. It says it is not supported for totp anyway.
What happened to me:
Ubuntu killed my php config. After doing a dist-upgrade it deleted php and apache all together (weird, but should not have used dist-upgrade).
Luckily I had a backup of the entire VM of a couple of months old. After restoring that I had a running Nextcloud again. However: I had reset my totp tokens in that time so my token did not work, nor did the new backup tokens. Since 2fa is now mandatory I could not seem to disable it in any way. So I could only login with the admin account (which had 2fa disabled at the time of backup: yaj! ). Running the occ command to disable 2fa for a user did not work.
So your guide can also be used if you just recovered from a backup and are not able to DISABLE 2fa. The truncate tables did the trick. THANK YOU!