MyBB Community Forums

Full Version: How to login using TWO-FACTOR AUTHENTICATION ??
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Pages: 1 2
First i downloaded the google apps for that. And i scanned the barcode. But when try to login back to the admin cp.. The Authentication code is not valid Sad

And now my account was locked.. Help....
try this and see if it helps....

(02-17-2015, 07:07 PM)JordanMussi Wrote: [ -> ]It may be that your app is out of sync with Google servers.
With an internet connection: Open Google Authenticator -> Settings -> Time correction for codes -> Sync now

EDIT: did you copy the recovery codes...
time already correct.. btw, what you mean with recovery codes ??
Recovery codes are like backup codes, in case anything goes wrong.... if you didnt knew it, its certain you didnt copy it...

After you enable 2FA, you will be presented with a link with the recovery codes, above the QR code.. clicking that link, will provide you a list of recovery codes which can be used only once...

for your issue, Run this SQL query in phpMyAdmin.... Read this to know How to run SQL Queries.... change the uid (if yours is not 1) to match yours...

UPDATE `mybb_adminoptions` SET `2fasecret` =  '' WHERE  `uid` = 1;
ok thanks.. will try later Big Grin
(02-24-2015, 01:44 PM)mmadhankumar Wrote: [ -> ]Recovery codes are like backup codes, in case anything goes wrong.... if you didnt knew it, its certain you didnt copy it...
for your issue, Run this SQL query in phpMyAdmin.... Read this to know How to run SQL Queries.... change the uid (if yours is not 1) to match yours...

UPDATE `mybb_adminoptions` SET `2fasecret` =  '' WHERE  `uid` = 1;

And what if some terrible dimwit lost the recovery codes for Google Authenticator 2FA...? Could they fix it with FTP access...? Currently I can't log in so no database queries for me (unless I'm missing something here)? So which file to fetch and edit? It's been a long time since I last used the forum (which still is running Smile )

Peace!

Devnullius
^ basically database queries are executed using a database manager at the web host control panel (eg. phpMyAdmin)
please see How to run SQL Queries guidance for further reference. (its link was provided in your above quoted response)

related SQL queries :
UPDATE `mybb_adminoptions` SET `authsecret` =  '' WHERE  `uid` = 1;
UPDATE `mybb_adminoptions` SET `loginlockoutexpiry` =  '0' WHERE  `uid` = 1;
UPDATE `mybb_adminoptions` SET `loginattempts` =  '0' WHERE  `uid` = 1;
(06-27-2017, 04:21 PM).m. Wrote: [ -> ]^ basically database queries are executed using a database manager at the web host control panel (eg. phpMyAdmin)
please see How to run SQL Queries guidance for further reference. (its link was provided in your above quoted response)

related SQL queries :
UPDATE `mybb_adminoptions` SET `authsecret` =  '' WHERE  `uid` = 1;
UPDATE `mybb_adminoptions` SET `loginlockoutexpiry` =  '0' WHERE  `uid` = 1;
UPDATE `mybb_adminoptions` SET `loginattempts` =  '0' WHERE  `uid` = 1;

oooh... this is not from mybb directly... Ok, I'll see what URLs and credentials I can dig up. Thanks so far!

xx

Devvie

I got this follow up through PM - so I assume one wants to remain anonymous? I thought to share it with you guys non the less! Smile

Quote:if you want to try fixing it through ftp then

you can add below code to a php file (eg. 2fsecret.php)
and upload it to main folder of your forum where you
have global.php file & visit the file through your browser

<?php
define('IN_MYBB', 1);
require_once "global.php";


       $db->write_query("UPDATE " . TABLE_PREFIX . "adminoptions SET `authsecret`='' WHERE uid='1'");
echo ("Done authsecret.");
$db->write_query("UPDATE " . TABLE_PREFIX . "adminoptions SET `loginlockoutexpiry`='0' WHERE uid='1'");
echo ("Done loginlockoutexpiry.");
$db->write_query("UPDATE " . TABLE_PREFIX . "adminoptions SET `loginattempts`='0' WHERE uid='1'");
echo ("Done loginattempts."); 

remember to delete the newly added file after using it.

I just ran the PHP script - and while it gave all Dones, I am still greeted with a 2FA login prompt. So for me the PHP script seems to fail after all. Time for that database hacking I assume.

Thanks though!
^ exactly which version of MyBB you are using & is your used id equals to 1 (one) on your forum ?
(06-27-2017, 06:04 PM).m. Wrote: [ -> ]^ exactly which version of MyBB you are using & is your used id equals to 1 (one) on your forum ?

Good questions. -M- Asked the same and I indeed have been securing my forum as much as possible. While he sleeps, I await support from my hosting provider. If I go to cpanel --> phpMyAdmin, nothing there works. I haven't updated anything in quite a while (I kinda abandoned it for a while to the pleasure of the Chinese). But when I am logged in, none of the links work (and if I force open them, I only get white pages). Also, all images are gone. It looks like I updated a bunch of things, but I haven't since my last login. I did get a forced 'request' to update the database, which I did and was quickly done... Worst case scenario that did more than I expected...

More to come Smile And thanks!

Devvie
Pages: 1 2