Welcome to the PufferPanel community forums! Please visit our discord for support: https://discord.gg/v8dz49e

Any way to disable two factor authentication without logging in?

  • I installed CyanogenMod on my phone yesterday. I made a system backup (so not apps) just in case something would go wrong. After installing it I realised I could no longer log in into my accounts (Google, Microsoft and PufferPanel). Fortunately services like Google and Microsoft gives the user backup codes which they can write down and store somewhere secure, for emergency situations like this one. PufferPanel doesn't have this feature as far as I know. My question: Is there any way I can get back into my account? It is the only administrator/superuser account on this installation. Possibly some value to change in the SQL database?

  • You could probably insert a new login into the credentials table, but I don't know the name of the table or how to make the account an admin. I could experiment.

  • Sorry to hear about that, but you can do the following to create a new admin user which you can use to get back into your panel.
    (as root)

    cd /srv/pufferpanel
    ./pufferpanel adduser

    Once you have created the new user, login as that user and you can reset your account. Hope this helps!

    (Sorry, I moved your post from the other category before finding this thread.)

  • @puffrfish So apparently by default pufferpanel does not have permission to add a user to the mysql database? I have tried it both with and without sudo, which shouldn't make a difference, and it didn't.

    censored@censored:/srv/pufferpanel$ ./pufferpanel adduser
    Please enter the following information for the new admin user
    Username: censored
    Email: censored@censored.com
    Installing user...
    ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: NO)

  • That says you didn't put a password in for the SQL login. Did you not set one before?

  • @zacharee It did not ask for a password. I did set a password obviously. I find it weird though that it tries to log in with the account 'root', instead of the automatically created account for pufferpanel, which is 'pufferpanel'

  • Hmm. Let me check the script. It should be running mysql -u root -p to prompt, but it isn't.

  • aha. There are variables at the top of the file. Open it in a text editor and change the mysqlPass variable to include your pwd.

    Probably not the way it was meant to happen, but it should work.

  • @zacharee Thanks a bunch, it worked!

  • Is there any way to disable another user's two factor authentication from this backup account?

  • Check under Settings>>Find Account>>[ACCT NAME]

  • I have checked there already, and I can't seem to find any option. Will changing the password work?

    Now I have to wait a while to post this, gotta hate spam protection xD

  • I don't really know, since I don't have it enabled :p.

    Yeah, the 2-minute limit really makes troubleshooting tricky.

  • I'll just give it a try I guess

    EDIT: Nope, doesn't work
    EDIT EDIT: I'll try removing the user and creating a new administrator user

  • OK. I think I can tell you how to disable it. It involves DB editing, so be ready for CMDs.

    I think if you remove the user, it'll delete the servers associated.

  • @zacharee I don't have any servers associated to the administrator account so it's not really a problem

  • Well I can tell you how to disable TOTP. It isn't that bad.

  • Yes please :) I just realised I do have one server associated with my account

  • Open a terminal and run these commands:

    mysql -u root -p -- enter your password when prompted

    USE pufferpanel; to select the PP DB. Semi-colon is there on purpose.

    SELECT * FROM users;

    UPDATE users SET use_totp="0" WHERE username="YOURUSERNAME";

    UPDATE users SET totp_secret=NULL WHERE username="YOURUSERNAME";

    For the two UPDATE commands, you can use email="YOUREMAIL"; instead of username

  • You edited your post just in time, I was about to update "totp_secret" to "" when I noticed you changed it to NULL

    EDIT: Works like a charm, thanks for the time you put into helping me :)

Log in to reply