OnsectiveAdmin

Security operations

Reset user two-factor

Use when a user has lost access to their authenticator app and exhausted or lost their recovery codes. This action:

  • Deletes the user's TOTP enrollment and all recovery codes.
  • Revokes every active refresh token (forces re-login everywhere).
  • Audits the action against your admin user ID.
  • Lets the user sign in with only their password on next attempt and re-enroll if they want.

Reset user passkeys

Use when a user has lost the device hosting their passkey(s) and has no other recovery factor. Deletes every WebAuthn credential for the user; if TOTP is also enrolled, that remains.

In-flight account recoveries

2FA-lockout recoveries currently in their 72-hour waiting window. Cancel one if it looks fraudulent — the user is emailed either way.

Loading…