2FA will not reset when resetting a users password with a link

alexdimarco

When resetting a users password as an admin, it does not reset the 2FA key. The only way I can see to reset it is to turn off 2FA and turn it back on again. When the reset password link is sent it allows the user to log in but after logging out again it requires the 2FA key. Am I missing somewhere where the key can be reset?

Thanks

Alex

girish

I guess we can add an option to reset the 2FA of a user. Usually password reset in services in GitHub do not actually reset the 2FA. For the moment, to disable 2FA, you have to follow this - https://docs.cloudron.io/user-management/#disable-2fa

alexdimarco

@girish it would be helpful if there was a way to reset it. I have already had a user with a need for this

robi

@girish docs don't seem to explain how to set up 2FA, and which types it supports.

The only other 2FA info is about setting it up for ssh from DO, not users. Can you add that please?

girish

@robi it's in the profile section - https://docs.cloudron.io/profile/#enabling-2fa

robi

@girish ah, search prevented me from finding it..

girish

@alexdimarco Added for next release.