How do I disable two-factor authentication in GitLab?
i changed the gitlab server. On the old one, I created a backup and now I imported the backup to the new system. Everyting works!
Now I have a problem: I cannot login due to two factor authentication. I think the secret is the salty change.
This is the log:
Parameters: {"utf8"=>"✓", "authenticity_token"=>"[FILTERED]", "user"=>{"otp_attempt"=>"[FILTERED]"}}
Completed 500 Internal Server Error in 10ms (ActiveRecord: 0.9ms)
OpenSSL::Cipher::CipherError (bad decrypt):
app/controllers/sessions_controller.rb:95:in valid_otp_attempt?'
app/controllers/sessions_controller.rb:63:in authenticate_with_two_factor'
How do I disable two-factor authentication for a single user?
Hello
This command enables two-factor authentication for all users :sudo gitlab-rails runner 'User.update_all(otp_required_for_login: false, encrypted_otp_secret: "")'
Gitlab has updated the command to disable two-factor authentication for all users:
sudo gitlab-rails runner 'User.find_each(&:disable_two_factor!)'
@Poldixd's answer should still work. Unless it tries to set encrypted_opt_secret to value nil
instead ""
.
Found it here: https://gitlab.com/gitlab-org/gitlab-ce/issues/1960
To install from source you can run
cd /home/git/gitlab
sudo -u git -H bundle exec rails console production
to get the rails console and then type
User.update_all(otp_required_for_login: false, encrypted_otp_secret: nil, encrypted_otp_secret_iv: nil, encrypted_otp_secret_salt: nil, otp_backup_codes: nil)
to run the command.
For those looking for how to disable 2FA for just one user. I found a working solution:
User.where(username: "username_goes_here").each(&:disable_two_factor!)
I disable 2FA for Gitlab Docker for all users with:
package sudo -u git -H exec rake gitlab: two_factor: disable_for_all_users RAILS_ENV = production