How to confirm users have enabled 2FA via the webui
search cancel

How to confirm users have enabled 2FA via the webui


Article ID: 253157


Updated On:


Security Analytics


Users can individually enable 2FA via the webui, however as an admin, there is not  a way to confirm which users have actually enabled 2FA via the webui.  This is not available in the current release, 8.2.6.


Release : 8.2.5


The google authenticator can be enabled but there needs to be a method to know which users have enabled two factor authentication, also known as 2FA.


The admin can login as root to the CLI and run the following to learn which users do or do not have 2FA enabled.  If the "has_2fa" column is set to 1, then the user has enabled 2FA.

The command to run:

echo "SELECT (SELECT COUNT(*) AS count FROM user_settings AS us WHERE = us.user_id AND = 'totp') AS has_2fa, u.username, FROM users AS u WHERE u.username NOT LIKE 'cmc\_proxy%' ORDER BY u.username;" | su - postgres -c "psql -d dsweb"

For example,

 has_2fa |    username      |               name                
            1 | admin               | control_center_admin.default_name
            0 | admin1             | admin1
            0 | security_admin | Security Administrator
            0 | user1              | user1
            0 | user11              | user11

Additional Information

A feature request has been made to add this list to the web GUI.