Versions Compared

Old Version 1

changes.mady.by.user Marcella Marino

Saved on

compared with

New Version 2

changes.mady.by.user Jo Tayler

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

This guide explains how content management system (CMS) site admins can disable/clear two-factor authentication (2FA) set-up for users so they can gain access to their account again and set-up a new 2FA application.

If you are looking for instructions on setting up 2FA for your CMS account, please visit our user guide.

On this page:

Troubleshooting with users

Failed validation limit reached

When a user gets 6 attempts wrong in 5 minutes, they are locked out of trying to sign in for 5 minutes.

If a user reports that they have received the ‘Failed validation limit reached’ error:

  • Check they have been using codes from the 2FA application linked with their CMS account.

    • Their 2FA application will show the account username or email near or above the code.

  • Ask them to wait 5 minutes from when they received the ‘Failed validation limit reached’ error.

If the user replies and is still having issues, you will need to disable their 2FA application so they can set it up again/choose a different application.

User temporarily doesn’t have access to their 2FA application

If the user is temporarily without their 2FA application (for example, they’re getting a new laptop or left their phone at home), then they may be able to use one of their recovery codes.

The user may have received a set of recovery codes when setting up their 2FA application, so recommend they use one of these.

User has lost access to their 2FA application

If the user has lost access to their 2FA application (for example, they got a new phone), ask if they can try logging into their 2FA application.

This may not be an option if they are using a 2FA application that doesn’t require sign up. If there is no account associated with their 2FA application, you will need to disable their 2FA application as per the instructions below, and they will have to set it up again when they next log in.

Disable/clear a user’s two-factor authentication application set-up

If a user has lost access to their 2FA application or it is no longer working, you’ll need to follow the below steps to disable it. The user will then be able to set up a new 2FA upon logging in.

  1. Go to the people tab and search for the user who needs their 2FA set-up disabled/cleared.
    Click on the user’s username.

...

 

  1. Click the 2FA tab on the user’s profile.

...

 

  1. Click disable 2FA.

...

 

  1. Enter your password and click ‘disable'.

...

  1. You will be returned back to the 2FA tab of the editor's profile and will see the status message ‘2FA has been disabled’.

The next time the user logs in, they will be required to set up 2FA before accessing the CMS.

...

Needing your two-factor authentication reset as a site admin

As a site admin, if you find yourself locked out of the CMS or you’ve hit the limit of 2FA verification attempts, ask any site admins in your team to disable your 2FA application or reset your attempts using the guide above.

If none of your team members are available, fill out an SDP support request. Be detailed in your request so we can assist you quickly.