Change two factor authentication for admin to new phone/device

[twofareset]

I have two factor authentication configured for admins on one of my WHMCS installations. One of our admins who is using TOTP (Google Auth) has a new phone and they're trying to change the 2FA device for their account. Disabling and then re-enabling 2FA while logged in as the admin user doesn't prompt you to setup a new device, it's still tied to the old device. I see no option to 'forget' an existing device.

 

Is there a way for the admin user to make this change themselves? Do we need to create a brand new admin account for this user to setup 2FA again?

[WHMCS ChrisD]

Hello Twofareset,

 

To reset the time based passwords, your will need to run the following command on your WHMCS database, please do make sure to take a backup first Once this is done, the admin user will then be able to reconfigure two factor authentication via the My Account page in the WHMCS admin area.

 

 

UPDATE tbladmins SET authmodule = '' WHERE username = 'ADMIN_USERNAME';
UPDATE tbladmins SET authdata= '' WHERE username = 'ADMIN_USERNAME';