2-Factor Auth | TOTP | lost mobile phone

Hi!

I just enabled 2-factor authenfication according to the following manual. (I installed FreeOTP on my Android phone)
I’m very impressed how easiely it is to activate and increase the security. Many thanks to the whole team!

But it came some doubts: What happen if I lost my mobile phone? Is there any possibility to log in anymore and deactivate 2-factor auth or migrate to a new phone? I’m not sure.

Do you have any hints for me?
Thanks, Dominik!

Hi,
In this case, an admin can de-activate totp for you with occ command. Also, if it is your own instance you can install backup codes app or request it from admins. Its purpose is rescue user from lock down in this kind of situations: https://marketplace.owncloud.com/apps/twofactor_backup_codes

2 Likes

Hello,

Anytime you setup 2FA on any service they give both a QR code to scan or string to manually enter.

Copy the string and keep it in a safe place.

I just went through this when I replaced my phone with google authenticator. The google authenticator app transferred but not the entries. I was able to recreate them manually by entering the strings for each service from my encrypted backup. I kept a manual backup, not something special.

  • Mike
2 Likes

Thanks to you both!

I was able to deactivate the 2-fact-auth via occ. And also to restore the authentification after I removed the token from the FreeOTP app. Backup codes are not sufficient for me.
Now I have the choice. :grinning:

Dominik