Hey guys, so i just recently got a new laptop and started my MyBB forum again, and i had it up for 2 days and stupidly enabled 2fa on the admin panel (Built in 2fa, not a plugin) And though its working perfectly fine on my phone, when i try to log in it fails every single time. Im very confused as to why this is. *BUT* my main issue is i locked my admin account, and its the only admin account on my site. I have 100 posts id prefer not to have to erase, but, as of right now the only solution i can see is removing the sql database and starting over (I didn't backup, yea, i know, dumb, but its only been 2 days lol)
If theres anything anyone can suggest thatd be great, otherwise ill start anew lol.
Hi,
I don't try this solution but maybe it could be done this way:
In your database, in your forum's
adminoptions table, try to empty (delete all data) the
authsecret and
recovery_codes fields of your Admins
uid
Of course before that, make a backup of the DB
As @NoRules said above you could try to modify database, but if you enabled Two Factor auth in ACP then you should have your auth code generated in Google Authenticator or other app that handles one-use login keys.
As it is noted DO NOT MODIFY DB without backup - you can pottentially damage your db and then nothing could help.
Also check if this setting isn't just secret pin for ACP access.
If it is this setting you can change it by modifying value in config.php file and removing secret pin.
Please note that after modification done to config / settings file you need to change them via ACP too. Otherwise if you modify other settings it will be set to previous value once again.
Yea, im just going to delete the database, if someone could erase this threat thatd be great. I know how to use the 2fa by google, ive been using it with multiple services successfully and have been for months, for some reason though it appears to be functioning correctly, it just isn't. Locked me out of my account, and i dont see anything related to my useracc or its UID (Or any place for UID's) In the structure of authsecret or recovery_codes, so it just seems like this is a broke feature that screwed me over, so ill delete and never reactivate it.
You would really NOT need to delete the database to fix this. Let us know if you have already done so and I will go ahead and delete this thread for you but if you have not yet deleted the database drop me a PM and I will try and help you get this worked out.