Disable Joomla! two-factor authentication

The Joomla! two-factor authentication is a great security improvement. But if you got locked out, maybe because your smartphone with the Google Authenticator installed broke down, was factory reset or the app was uninstalled – what to do?

  1. First of all, reinstall the Google Authenticator app back into your smartphone or tablet
  2. Use FTP software or similar to access the Joomla! installation directory
  3. Go to the plugins folder
  4. Rename the folder twofactorauth to something else
  5. Access the backend login page (i.e. /administrator) of your site
  6. Now the secret key field is gone, so proceed and login with just username and password
  7. Once logged in, you can rename the plugin folder back to twofactorauth
  8. Go to Users in the Joomla! backend and find your user account and click on it
  9. Click the Two factor authentication tab and scan the QR code with Google Authenticator on your smartphone/tablet
  10. Done! Now you can login using two factor authentication again