Log In Without a Backup Code

Two-Factor Authentication (2FA) enhances security by adding a second step to the login process. It combines something that you know (for example, your password) with a second factor, typically from something that you have (for example, your phone).

If an admin does not have access to their second factor (for example, they lost their phone), they would typically use their backup code to regain access. If they do not have their backup code, you can still restore access using the process below.

The steps below do not regain access for Client Area users. To restore access for a user, disable 2FA in the Profile tab of the client’s profile.

Log In Without a Backup Code

To regain admin access without a second factor device or backup code:

  1. Access the WHMCS database using your preferred method (for example, using the command line or phpMyAdmin).

  2. Run the following command:

    UPDATE tbladmins SET authmodule = '' AND authdata = '' WHERE username = 'example';

    • Replace example is the admin’s username.
    • In phpMyAdmin, you can do this in the SQL tab. After running the query in phpMyAdmin, you will see a success message:
      The success message after running a query in phpMyAdmin
  3. Attempt logging in to the Admin Area. You will be able to log in without using 2FA, and can then reconfigure 2FA using a new device.

Last modified: September 10, 2024