Upgrade to Nextcloud 15 can lockout user when OTP provider App is disabled #13112
Steps to reproduce
2FA should be disabled when app is disabled
Message shown stating that 2FA is enforced (it is not) and not 2FA provider can be selected contact admin.
Nextcloud version: (see Nextcloud admin page)
Updated from an older Nextcloud/ownCloud or fresh install:
Where did you install Nextcloud from:
Yes, ran into this, too.
I was finally able to solve this issue (hadn't any backup codes, so I was unable to login as admin) by:
Good luck to all those poor guys who haven't got shell access to their instance.
This is the second time Nexcloud bit me hard using 2FA (the first time was when changing the password made all application password invalids - no warning at all), so I'm really not amused, to put it mildly.
No it should not. If you enable 2FA on your account it should be enforced for your account.
Well there is a reason having backup codes is always adviced.
That is not related to 2FA. It was a limitation of our earlier apptokens. This should all be solved with NC15.
Thanks for the work-around! Also #12510
I really like Nextcloud, but it would IMHO greatly benefit by pauzing developing new innovations, and first focussing on solving (all) outstanding bugs.