Hello
I am an IT Engineer for Level, Inc. I’m opening up this ticket on behalf of one of our users: Ashley Koh (ashley.koh@level.com). She has lost access to her 2FA device and needs to have it reset.
This is a community forum we cannot help you with it. This topic has been covered many times, please search the forums before posting as they all say similar, and means opening a support ticket with Gitlab directly, not posting on the forum where nobody can help as we are not Gitlab admins. The majority of people here are normal users.
As you will also find from searching the forum, you would see that Gitlab docs has info on how to reset 2fa yourself providing that the account has an SSH key uploaded to it. If you are a free user, then you will not be able to get it reset via a support ticket with Gitlab.
Had you searched you would have found all of this out already.
My apologies for the post. I searched online and through the forums but read conflicting information. I initially submitted a ticket and have not heard back in a week so I decided to also give the forum post a try. Unfortunately the user does not have an SSH key and we are free users. I wanted to make sure I exhausted whatever option was available.
I’ll retire this post shortly.
Gitlab stopped processing 2fa resets for free users: GitLab Support is no longer processing MFA resets for free users
2FA documentation: Two-factor authentication | GitLab
which has the steps for resetting. If you had been running your own gitlab server, you can remove the 2FA from the Admin panel for the particular user. Unfortunately you cannot do that on gitlab.com. Which leaves only the 2fa_recovery_codes option to generate new codes. But as you don’t have ssh you cannot do that.
There are posts on here where I recommend using Authy as the app for your 2FA because this app has backup functionality, which means you can restore the app to any phone using the details when you set it up. That means losing a phone doesn’t stop you getting into your account. On new phone, install authy, restore, and then you have access to 2FA again. I can even run the authy app on multiple phones and if my battery dies in one, then I can use the other one.
Even if support would take your request, you cannot make it on behalf of your user. The user themselves would have to do it.
2 Likes
Thanks Ian! I appreciate you taking the time to educate a newbie like myself and creating a thorough response. I’ll have to break the bad news to my colleague.
1 Like
I am already a gitlab member for more than 5 years. In version 13 you introduced reset codes for 2fa. I don’t have those reset codes. The ssh key that I might have uploaded is lost as well. Somehow my authenticator app lost all accounts, so i can’t login anymore to my account. I really insist there will be some kind of reset or otherwise have my mobile number added for verification or I can pay for the issue, but I really need the access!!
There should be a backup for these cases. You can’t just say to your users, bad luck for you. Or otherwise mail all the users who have been there before introduction of reset codes and remind them or give them an alternative. Dit kan je niet menen.