Skip to content
XoloC2

MFA Setup

MFA Setup

Section titled “MFA Setup”

XoloC2 supports TOTP-based two-factor authentication compatible with Google Authenticator, Aegis, Authy, and any standard TOTP app.

Enable MFA

Section titled “Enable MFA”
  1. Log in to the panel
  2. Click your username (top right) to open Account Settings
  3. Click Enable MFA
  4. Scan the QR code with your TOTP app
  5. Enter the 6-digit code to confirm and activate

From this point on, every login will require the 6-digit TOTP code after the password.

Disable MFA

Section titled “Disable MFA”

In Account Settings, click Disable MFA and confirm with your current TOTP code.

Admin: manage MFA for operators

Section titled “Admin: manage MFA for operators”

As an admin you can see which operators have MFA enabled from Settings > Users.

Recovery

Section titled “Recovery”

If you lose access to your TOTP app, an admin can reset your MFA from Settings > Users. If no admin access is available, MFA can be reset directly in the SQLite database:

Terminal window
cd XoloC2
sqlite3 server/xoloc2.db "UPDATE users SET mfa_secret=NULL WHERE username='admin';"

Then log in without MFA and re-enroll.