Replies: 3 comments 1 reply
-
Beta Was this translation helpful? Give feedback.
-
|
Thanks Gary. Two tickets so far, both still unanswered:
The account is on the Pro plan (paid). The catch is the auto-reply says email tickets are treated as Free-plan and that I should use the in-dashboard support form to get properly prioritized — but that form is exactly what I can't reach: it dead-ends at "Insufficient AAL: MFA required" because I've lost my TOTP device and have no backup factor or recovery codes. So every route loops back to the same 2FA wall. I can verify ownership privately in whatever way support needs (project tokens/keys, a flagged row, the account email). Is there any way to escalate these ticket numbers to someone who can reset/remove the MFA, or a private channel to verify through? Thank you. |
Beta Was this translation helpful? Give feedback.
-
|
Hi Supabase team,
Following up on my open tickets SU-404736 (Jun 25) and SU-405186 (Jun 26). I'm fully locked out of my Pro account — I can sign in via GitHub SSO but can't pass the TOTP prompt (lost the authenticator device, no backup factor or recovery codes), and the in-dashboard support form dead-ends at "Insufficient AAL: MFA required" so I can't file through it.
I understand you verify ownership through non-public account details. As the paying account owner, here is billing proof of control:
* Billing email on file: ***@***.***___
* Card on file (last 4 digits): _2424__
* Most recent invoice ID / date / amount: __29.83___
* Approximate date the Pro subscription started: __________
* Project ref: leavyuytxvqicreojzzl
I can also prove control of the project directly — run a specific query you provide, or create a flagged row you specify.
Could you please reset/remove the MFA on my account so I can re-enroll a new authenticator, or point me to a secure channel to complete verification? This is tied to a live production system. Thank you.
Jonathan Rodriguez
[https://ci6.googleusercontent.com/proxy/gOyWu6S4xCgvBJcGTpOJtCpUQ25SGSyAB15a96kvQq4YWSKoyNIe7HdgJfnx8F5BhebeVK1Yhw=s0-d-e1-ft#http://i57.tinypic.com/hsqs10.jpg]
Best Regards
Jonathan Rodriguez
Network Administrator
Office: 980-494-3560
***@***.******@***.***>
www.Nctsupport.com<http://www.nctsupport.com/>
The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential, proprietary, and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from all computers.
From: GaryAustin1 ***@***.***>
Sent: Tuesday, June 30, 2026 9:29 PM
To: supabase/supabase ***@***.***>
Cc: Jonathan Rodriguez ***@***.***>; Author ***@***.***>
Subject: Re: [supabase/supabase] Locked out of account — lost MFA/TOTP device, can't pass 2FA, and support form won't submit ("Insufficient AAL") (Discussion #47463)
You don't often get email from ***@***.******@***.***>. Learn why this is important<https://aka.ms/LearnAboutSenderIdentification>
There is no escalation path as right now this security group is overwhelmed we have been told and working the same type of issues. We are seeing user in Discord at a week on this. The Pro was more that billing might give them a way to check. I just caution again though their official policy is you can't get back in if you lose it.
—
Reply to this email directly, view it on GitHub<#47463?email_source=notifications&email_token=BZ7KHUH74Q3IOH6CACVN7AL5CRSNHA5CNFSNUABIM5UWIORPF5TWS5BNNB2WEL2ENFZWG5LTONUW63SDN5WW2ZLOOQXTCNZUHEYTCOBRUZZGKYLTN5XKMYLVORUG64VFMV3GK3TUVRTG633UMVZF6Y3MNFRWW#discussioncomment-17491181>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/BZ7KHUGJRRGOJMKHPNOK7FL5CRSNHAVCNFSNUABIKJSXA33TNF2G64TZHMZDCNBVHA3TCOJTHNCGS43DOVZXG2LPNY5TCMBTGQ4DKNZTUF3AE>.
Triage notifications, keep track of coding agent tasks and review pull requests on the go with GitHub Mobile for iOS<https://github.com/notifications/mobile/ios/BZ7KHUA2ACFV2HYYDZQE5RD5CRSNHA5CNFSNUABIM5UWIORPF5TWS5BNNB2WEL2ENFZWG5LTONUW63SDN5WW2ZLOOQXTCNZUHEYTCOBRUZZGKYLTN5XKMYLVORUG64VFMV3GK3TUVJTG633UMVZF62LPOM> and Android<https://github.com/notifications/mobile/android/BZ7KHUBU32LQ3VTJPXAORZT5CRSNHA5CNFSNUABIM5UWIORPF5TWS5BNNB2WEL2ENFZWG5LTONUW63SDN5WW2ZLOOQXTCNZUHEYTCOBRUZZGKYLTN5XKMYLVORUG64VFMV3GK3TUVZTG633UMVZF6YLOMRZG62LE>. Download it today!
You are receiving this because you authored the thread.Message ID: ***@***.******@***.***>>
|
Beta Was this translation helpful? Give feedback.

Uh oh!
There was an error while loading. Please reload this page.
-
Hi Supabase team,
I'm the owner of an account and I'm fully locked out. I can complete sign-in (GitHub SSO), but I cannot pass the TOTP two-factor prompt — I no longer have access to my authenticator device, and I have no backup factor or recovery codes.
I've tried every in-product route and each one dead-ends at the same MFA wall:
The in-dashboard support form (Login issues → "Unable to sign in via MFA") will not submit while locked out. It errors with "Insufficient AAL: MFA required" and "Unable to upload attachments."
Could a maintainer please help reset/remove the MFA on my account so I can re-enroll a new authenticator?
Project ref: leavyuytxvqicreojzzl
I'm happy to share the account email and any verification details over a private channel rather than posting them here. This is tied to a live production system, so any help is greatly appreciated. Thank you!
Beta Was this translation helpful? Give feedback.
All reactions