I've been using Googles Two-Factor-Authentification for for Joomla for quite a while. But after restoring my iPhone i noticed, that the backup didn't include all the configured accounts. I was locked out of my Joomla-accounts without a way to surpass the Google Two-Factor-Authentication.
The following manual describes how to deactivate Two-Factor-Authentication via the database-backend to regain access to the Joomla-backend.
Follow the following steps to enable a user to login into the Joomla-backend without having to enter a two-factor-code.
Please replace prefix '#####' with the prefix used in your Joomla-database. Every Joomla-installation uses an individual prefix.
- Log in to the database management tool of your choice (PHPMyAdmin, SQL ManagementStudio eg.)
- The table "#####_extensions" contains all the plugins registered in your Joomla-installation. One f them is the plugin for Google's Two-Factor-Authentication. Open this table.
- Search the table "#####_extensions" for the row with the entry "plg_twofactorauth_totp" in the column "name".
- Set the entry of the colum "enabled" from 1 to 0.
- The table "#####_users" contains all users. Open this table.
- Search the table "#####_users" for the row containing the affected username.
- Search for the column "otpKey" in the row of the affected user from step 6. Note that entry for security reasons.
- Search for the column "otep" in the row of the affected user from step 6. Note that entry for security reasons.
- Delete both entrys from steps 7 and 8 out of the database.
- Log in to the Joomla-backend with the affected user without providing a two-factor-code.