Locked out by a two factor authentification loop

Community Support
1

Description

  • self-hosted rocketchat
  • enabled two factor authentification by email, and auto opt-in users to two factor auth
  • all users imported from an LDAP
  • SMTP email server settings are blank/unset
    => can’t set SMTP server settings, asking for code sent by email, that has never been sent
    => can’t disable two factor authentication, asking for code sent by email, that has never been sent

Server Setup Information

  • Version of Rocket.Chat Server: 3.6.3
  • Operating System: Debian 10
  • Deployment Method: tar
  • Number of Running Instances: 1

Is there any way to disable via a config file / db the two factor authentication ?

1 Like
2

Found a way myself.

Use Mongodb shell to do those queries :

db.rocketchat_settings.update({“_id” : “Accounts_TwoFactorAuthentication_Enabled”},{$set: {“packageValue” : false}});
db.rocketchat_settings.update({“_id” : “Accounts_TwoFactorAuthentication_Enabled”},{$set: {“value” : false}});

db.rocketchat_settings.update({“_id” : “Accounts_TwoFactorAuthentication_By_Email_Enabled”},{$set: {“packageValue” : false}});
db.rocketchat_settings.update({“_id” : “Accounts_TwoFactorAuthentication_By_Email_Enabled”},{$set: {“value” : false}});

db.rocketchat_settings.update({“_id” : “Accounts_TwoFactorAuthentication_Enforce_Password_Fallback”},{$set: {“packageValue” : false}});
db.rocketchat_settings.update({“_id” : “Accounts_TwoFactorAuthentication_Enforce_Password_Fallback”},{$set: {“value” : false}});

1 Like
3

I’m in exactly the same position with my Snap deployed server. SMTP server is no longer connecting, so I’m not getting any of the 2FA emails that I need so I can turn 2FA off!

Any chance there’s a Snap config command to turn 2FA off? Or is your method, @Alicya, somehow applicable to a Snap deployment?

4

I don’t know. Good luck.

8

Thanks man, perfect response

9

Hi @Alicya ,

I can not connect to mongodb since I installed rocketchat with snap.

Is there any other way to use the queries?

Thank you!

10

Just for reference, if you installed a snap on ubuntu like this, and using @Alicya 's magic recipe, here’s how you access the local mongo db:

/snap/rocketchat-server/current/bin/mongo

Then run

use parties;

db.rocketchat_settings.update({"_id" : "Accounts_TwoFactorAuthentication_Enabled"},{$set: {"packageValue" : false}});
db.rocketchat_settings.update({"_id" : "Accounts_TwoFactorAuthentication_Enabled"},{$set: {"value" : false}});

db.rocketchat_settings.update({"_id" : "Accounts_TwoFactorAuthentication_By_Email_Enabled"},{$set: {"packageValue" : false}});
db.rocketchat_settings.update({"_id" : "Accounts_TwoFactorAuthentication_By_Email_Enabled"},{$set: {"value" : false}});
db.rocketchat_settings.update({"_id" : "Accounts_TwoFactorAuthentication_Enforce_Password_Fallback"},{$set: {"packageValue" : false}});
db.rocketchat_settings.update({"_id" : "Accounts_TwoFactorAuthentication_Enforce_Password_Fallback"},{$set: {"value" : false}});