How do I see the QR code again?

Hello @paddy-landau,

Thank you for the valuable feedback. We will work on the 2FA optimization suggested and will reply back here when a new version is released including it.

Best Regards,

Elena

Thank you, Elena.

Has there been a fix, for this yet?

@javilabbe — No, it hasn’t. If you have the plugin installed, just go look at your user profile, and you’ll see — or, rather, you won’t see!

@elenachavdarova promised to post here once it’s fixed.

@paddy-landau

Hahahaha! I get it… I was able to remove the plugin, in the past. Then I used MyPHP to deactivate all plugins. Worked before, but now all of a sudden, no such luck!

Why is this thread showing resolved? If it’s really not. I’d consider this unresolved.

I might try again, by creating another admin account. Maybe the app will allow me to register via Google Authenticator. Then delete my original admin account. Remove it from the database and recreate? I’ll let you know…

Have a great weekend

@paddy-landau and @elenachavdarova

It worked!

1. Created a new administrator account, under a different Gmail account.
2. Log into new admin account.
3. Turned on 2FA via SG Security Login settings
4. Logout and Log back in to activate Authenticator QR code.
5. Copy backup codes.
6. Turn off 2FA
7. Demote previous administrator account to something else.
8. In a different browser, login to demoted account. If it works, log back out.
9. Log into new admin account and turn on 2FA.
10 Test to confirm the app is working – coo berate backup codes match.
11. Log out of everywhere and delete demoted (previous admin) account – allocate data to new admin account.
12. Test site to confirm everything is working.
13 Recreate your Admin Account. The login 2FA will work again! Scan QR Code and add to your 2FA app.

Worked for me.

Thanks and good luck!
13.

@javilabbe — That’s quite a process! I managed to figure it out without having to delete your user.

Delete the existing key for a user

Take a full backup of your database beforehand in case you mess up, but if you do this carefully, it should be fine.

Go to phpMyAdmin or whatever database tool you use.

1. Find the user’s ID:
   SELECT ID FROM wp_users WHERE user_login = '[username]';
2. Find the user’s 2FA record (this step is optional, but it helps to check that you have the right details):
   SELECT * FROM wp_usermeta WHERE user_id = [userid] AND meta_key LIKE 'sg_security%';
3. Delete these rows:
   DELETE FROM wp_usermeta WHERE user_id =[userid] AND meta_key LIKE 'sg_security%';
4. WordPress back end > SG Security > Login Security > Two-factor authentication > turn off and then turn on again. (I don’t know why this step is needed, but it’s safe: it won’t clear the 2FA for any other user.)
5. Log out and log in again.

To find the secret key so that you have a backup

When you log in again, SG Security presents you with a new QR code.

Use a QR code scanner to see the details. (I have Android with Google’s camera, and it comes with a QR code scanner.) The result looks like this:

otpauth://totp/https://[domain] ([email])?secret=[secretkey]

• This reply was modified 3 years, 7 months ago by Paddy Landau. Reason: Formatting
• This reply was modified 3 years, 7 months ago by Paddy Landau.

Hello @paddy-landau,

We have just released a new version of the plugin with 2FA reset per user functionality. Additionally now the secret key and QR code are listed in the user profile page.

You can update the plugin to verify the results on your end.

Best Regards,
Elena

Perfect! Thank you, @elenachavdarova