search

nextcloud / twofactor_totp

🔑 Second factor TOTP (RFC 6238) provider for Nextcloud
https://apps.nextcloud.com/apps/twofactor_totp
GNU Affero General Public License v3.0
284 stars 58 forks source link

2FA impossible to desactivate from GUI (inconsistency between GUI status & occ status). #1478

Closed potagerGit closed 7 months ago

potagerGit commented 7 months ago

Hello, I tried the App and it worked well, but later discovered issues with Joplin sync (Joplin obviously cannot pass the second factor and sync fails by "bad login").

I desactivated completly the 2FA from the admin GUI (by switching the toggle button), but 2FA was still there for my account. image

Confirmation via OCC : 

>> sudo -u www-data /var/www/nextcloud/occ twofactorauth:state <my user>
Two-factor authentication is enabled for user <my user>
Enabled providers:
- backup_codes
- totp

It worked only after sudo -u www-data /var/www/nextcloud/occ twofactorauth:disable <my user> totp.

dont know if relevant, but I played a little with groups as well (first I had my user in the admin group, I activated 2FA for the admin group only and it worked, and then I removed my account from this group, but 2FA was still there for my account).

ChristophWurst commented 7 months ago

2FA is not enforced but the TOTP provider is active. Users can use 2FA even if the admin doesn't enforce it.

Please use https://help.nextcloud.com/c/support/7 for support questions.

This is not a bug.