Disable old 2FA mobile app to replace with another

First, I have access to my gitlab.com account via my recovery codes, but I lost an old phone that had my original 2FA (Google Authenticator) app. I’d like to set that up again on a new phone and it should work because I have access, but the only options I seem to get in my settings are to add a U2F device.

In fact, it mentions that users need to add a 2FA app before U2F. It says I’m ok, because I already have 2FA mobile app. But, as above, that’s what I’m to replace (not U2F) since I lost my phone.

1 Like

Almost immediately figured out I just needed to press “Disable two-factor authentication” and then I could re-enable with a new device.

Thought I would still post this though since that was counterintuitive for me. At first, I thought, “I don’t want to stop using 2nd factor, just swap out the device.” I suppose it makes sense that you can’t really support multiple 2nd factor OTP apps simultaneously, but it’s a little weird to temporarily disable 2nd factor so that technically a really lucky attacker could get in with just your password.

2 Likes