The Great Open Source Debate with Elastic, Gluu and GitHub 🎤 Oct 26

Reset 2FA settings for user

  1. have own installation of rocket.chat
  2. user enables 2FA
  3. user loses phone

is the account lost forever? is there a way for me as admin to reset a specific user’s 2FA settings?

I could not find any option in the Admin to reset the TOTP (2FA) code for a particular user.

The only solution is to run a query to update the mongo DB directly:

db.users.update({"username": "USERNAMEHERE"}, {"$unset":{"services.totp": 1}});

How to use your code?
where to put that code?
Im a newbie ofcourse!! :slight_smile: and lost my phone.

please help.

On Ubuntu (snap installation) you have to do the following:
Navigate to /snap/rocketchat-server/current/bin/
and execute “mongo” with

./mongo

you’re in the mongo command line now.
Now you have to find the correct database used by rocket.chat with

show dbs

and select the correct db used by rocket.chat (in my case the db is called “parties”, so enter

use parties

now you can run the query from above

db.users.update({"username": "USERNAMEHERE"}, {"$unset":{"services.totp": 1}});

Best regards

Sorry to rez this thread, but I am curious, if there is a way to reset an accounts individual 2FA settings. IE: phone was lost, authenicator data lost, backup codes are poof, etc.

I would like my users to use 2FA, but need a way around this. Using the mongo command above appears to work, but the user account still has 2FA enabled and requires a code from the authenticator or backup codes to disable.

Is there a way around this, that leads to the user being able to setup a new association with an authenticator?

This helped me turn off 2fa email code for my users.

db.users.update({"username":USERNAME},  {"$set":{"services.email2fa.enabled": false}});