Too many two-factor failures

Hello everyone, I am having a problem with LibreNMS. I accidentally failed two-factor authentication 3 times on my account, and I am now locked out of it with the following message:

Too many two-factor failures, please contact administrator.

I am asking for help, because I have not found any indications online on how to unban myself. I am the administrator and have console access to the server.

Thanks in advance for your help

I thought it was a timed lock-out if you exceeded the attempts, so it should clear: Two-Factor Auth - LibreNMS Docs

Either way, can you just comment out the relevant config lines in config.php and get back in?

If still an issue, the relevant details are stored the users_prefs table against the relevant user ID if you need to clear, so there are still other ways:

MariaDB [librenms]> select * from users_prefs where pref='twofactor';
| user_id | pref      | value                                                                         |
|       1 | twofactor | {"key":"xxxxxxxxxxxxxxxxxxxxx","fails":0,"last":0,"counter":false} |
1 row in set (0.000 sec)

Did some more testing on this as I was curious - and will update some doco after also.

If you have used Two Factor prior, and disable the lines in config.php, you’ll be able to log in normally, but the options to disable/edit it in the UI do not appear, so when you enable Two Factor options again, you’ll be in the same situation.

When I fail mine deliberately - my DB entry looks like this:


But my error shows: Too many two-factor failures, please wait 300 seconds

So try and add the $config['twofactor_lock'] = 300; to your config and see if it mentions it next time you try to login. If not, then …

EDIT probably the best way … leave it all as it is and create a temp admin user to disable/reset the main admin user account:

./lnms user:add -r admin tempadmin

Then go to Settings → Manage Users (/users) and edit the main admin user and unlock or disable 2FA - then once you’re back in, delete the temp admin user:


Hi, thanks a lot for your help. I managed to get back in by setting the delay in settings.php.

Have a PR to clear this up a bit more, and also adds documentation updates to use lnms instead of config.php

./lnms config:set twofactor_lock 300

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.