#25253 Table base user exclusion 2 factor login credentials error

Posted in ‘Akeeba Backup for Joomla! 4 & 5’

Latest post by user87437 on Friday, 27 May 2016 14:26 CDT

user87437
Hello

When I transfer a site using table exclusion

#__users

#__user_usergroup_map

#__user_profiles

#__user_notes

I get locked out of two factor authentication.

To get back in I have to go to my files and rename my file twofactorauth to twofactorauth911 or any other name. That disables my two-factor and I'm able to log back in.

Is this just something I'm going to have to deal with when doing site transfers or is there a solution?

Best regards

nicholas
Akeeba Staff
Manager
This is correct and by design. Two factor authentication stores its settings in the #__users table, encrypted. The encryption key is your site's secret key, stored in configuration.php. When transferring your site the secret key changes per Joomla's best security practices. This means that 2FA becomes invalid in the transferred site.

I was against the encryption of the 2FA configuration information because, frankly, it makes no sense whatsoever (the key to decrypt them is already present in memory, meaning that in the event of an arbitrary code execution vulnerability the settings can be trivially decrypted). Unfortunately the Joomla! Production Leadership Team would NOT listen to me, insisting that 2FA settings have to be encrypted. The end result is that if you transfer a site you have to disable 2FA (bad for security) or you need to edit configuration.php and set $secret to the same value as the original site (bad for security). I'm sorry, I tried to prevent that, but at the end of the day I can't fix the fact that stupid people have the final say in what goes into Joomla! :(

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!
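
The mechanism described in the reply above, as an added example that is not Akeeba's or Joomla's own code: 2FA settings sealed under a key derived from one site secret fail to open under a different secret, and a post-transfer audit lists the affected accounts. AES-256-GCM, the SHA-256 key derivation, the `tfa` field name, the function names and all secrets and rows are assumptions constructed for illustration, not Joomla's actual storage format.

```php
<?php
// Added illustration: cipher, key derivation and field names are stand-ins,
// not Joomla's real 2FA storage. All secrets and rows below are constructed.

function keyFromSecret(string $secret): string
{
    return hash('sha256', $secret, true); // 32-byte key bound to the site secret
}

function sealTfaConfig(string $secret, array $config): string
{
    $iv = random_bytes(12);
    $ct = openssl_encrypt(json_encode($config), 'aes-256-gcm',
        keyFromSecret($secret), OPENSSL_RAW_DATA, $iv, $tag);
    return base64_encode($iv . $tag . $ct); // 12-byte IV, 16-byte tag, ciphertext
}

function openTfaConfig(string $secret, string $blob): ?array
{
    $raw = base64_decode($blob, true);
    if ($raw === false || strlen($raw) < 28) {
        return null; // too short to hold an IV and a tag
    }
    $pt = openssl_decrypt(substr($raw, 28), 'aes-256-gcm', keyFromSecret($secret),
        OPENSSL_RAW_DATA, substr($raw, 0, 12), substr($raw, 12, 16));
    return $pt === false ? null : json_decode($pt, true); // false: tag check failed
}

// Post-transfer audit: accounts whose 2FA data the current secret cannot open.
function findLockedOutUsers(array $rows, string $currentSecret): array
{
    $locked = [];
    foreach ($rows as $row) {
        if ($row['tfa'] !== '' && openTfaConfig($currentSecret, $row['tfa']) === null) {
            $locked[] = $row['username'];
        }
    }
    return $locked;
}

$sourceSecret = 'constructed-source-secret';
$targetSecret = 'constructed-target-secret'; // regenerated during the transfer

$rows = [ // user rows whose 2FA data was sealed under the source secret
    ['username' => 'admin', 'tfa' => sealTfaConfig($sourceSecret, ['method' => 'totp'])],
    ['username' => 'editor', 'tfa' => ''], // no 2FA configured
];
print_r(findLockedOutUsers($rows, $sourceSecret)); // audit under the original secret
print_r(findLockedOutUsers($rows, $targetSecret)); // audit under the new secret
```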

user87437
Thank you, that is the best support response I have ever heard.
