Reset user 2FA / sessions

Reset Google Authenticator on Edit user. No standalone session-reset button - sessions die on full account ban.

Reset user 2FA / sessions

How admins clear TOTP and when sessions actually die.

Where to find it

Edit user → Reset Google Authenticator

There is no dedicated "reset sessions" control in Admin.

How it works

2FA reset shows status (Configured and active / Configured but turned off / Not configured). Confirm clears twoFactorEnabled / secret so the member signs in with password only and can re-enroll under Manage Account → Settings. Reset does not revoke sessions, API keys, or login challenges.

Sessions are revoked as part of a full account ban (Edit user Status BANNED, or Add ban → User account): deletes sessions, revokes API keys, clears login challenges, and adds user/email/IP ban rows.

Common problems

Looking for kick all sessions

Use a full account ban (then unban if you only needed a kick) - there is no standalone session-reset button.

2FA reset but old device still in

Sessions may still be valid until ban or natural expiry/logout.

Related