Lost authenticator, need to disable 2FA on 7 sites

  • Resolved fripp

    (@fripp)


    3 years, 10 months ago

    I know this is my fault and not Wordfences, but I got a new phone and erased the old one without first exporting my Google authenticator settings. So now I have seven websites, excellently protected by Wordfence and 2FA turned on, that I now can not access. I have all kinds of printed out recovery codes, but none that are relevant to this issue.

    Could you please help me with the process of disabling 2FA on my sites? I tried the knucklehead way to just remove the WF-folder from my WordPress plugins. I guess I have to erase WF in the db as well, right?

    And, of course, I can’t log in to the Wordfence web site as well.

    Cheers.

Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Support wfpeter

    (@wfpeter)

    Hi @fripp, I’m happy to provide you instructions on how to get back into your site. If you have also misplaced the 2FA backup codes, there are two ways to get back into the site.

    The first way is if you have added the site in Wordfence Central (a free site management tool in your account on wordfence.com):

    • Login to Wordfence.com and look for the Configuration tab.
    • Click the gear icon at the end of the row that the site you need to access is on.
    • Scroll down to the Login Security Options section and expand it by clicking the small black arrow to the right.
    • In the section that says “Whitelisted IP addresses that bypass 2FA” add your public facing IP address.
      NOTE : You can get your public facing IP by clicking this link.
    • Scroll back to the top of the screen and save the changes.
    • You should now be able to login to your site with just a username and password.

    If you haven’t added your site to Wordfence Central follow these steps:

    • Please use FTP/SFTP — or any file manager your web host provides via their administration panel.
    • Look inside the /wp-content/plugins/ directory and rename the wordfence directory to wordfence.bak. This will deactivate Wordfence and allow you to login without the 2FA code.
    • Once you have logged in to your WordPress admin you can name the folder back to wordfence again.
    • Go to your user profile and add 2FA back to your account, making sure to download the backup codes in case of problems in the future.

    If you have any other trouble logging in feel free to reach out here.

    Peter.

    Thread Starter fripp

    (@fripp)

    Thank you very much! Excellent tool and excellent service! I think I have to revive my premium subscription again to support you guys.

    Is there a possibility to disable 2FA on my login at wordfence.com (temporarily while I get a new authenticator), so that I can add my sites?

    Thanks again!

    Plugin Support wfpeter

    (@wfpeter)

    Thank-you @fripp, that’s really great feedback that we appreciate so much!

    In order to disable your Wordfence.com 2FA, you’ll need to send an email to lockout @ wordfence . com and provide your email address that is on the account or username so we can assist you!

    Thanks again,

    Peter.

    Thread Starter fripp

    (@fripp)

    You’re welcome.

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Lost authenticator, need to disable 2FA on 7 sites’ is closed to new replies.

Tags