Enable 2FA for Password Reset

Hello there!

Need Help? We are right here!

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com

Your Contact E-mail

What are you looking for

How can we help you?

Enable 2FA for Password Reset

This feature allows you to enforce Two-Factor Authentication (2FA) during the password reset flow, adding an extra layer of security when users reset their passwords.

This ensures that even if someone gains access to a password reset link, they still cannot change the password without completing 2FA.

Prerequisites
Before enabling 2FA for password reset, ensure:

The 2FA module is installed and activated.
Navigate to: /admin/config/people/miniorange_2fa/login_settings

Enable the following settings:

Activate Two-Factor Authentication
Enforce 2FA to End Users

Enable 2FA for Password Reset

Follow these steps to configure the feature:

Navigate to 2FA Policy for End Users tab
Go to: /admin/config/people/miniorange_2fa/login_settings
Expand the General 2FA Settings section
Enable: Enable Two-Factor Authentication for Password Reset
Click on Save Settings

User Experience

Open a new browser or private window
Navigate to the Drupal login page
Click on Reset your password

Password Reset Flow:

Enter Username / Email address
Click on Submit
- Password reset link will be sent to the registered email
Open the email and click on the reset link
The system will prompt for 2FA verification
Complete the authentication (OTP / Authenticator, etc.)
Click on Login
Enter: New Password and Confirm Password
- Click on Save
  Password is successfully reset only after completing 2FA.

How It Works

Adds a second verification layer to the password reset process
Prevents unauthorized users from misusing reset links
Ensures only verified users can change account credentials